Commit 12d202491509e7e4b69774f0369b4a2880da68ea
1 parent
c06da04b
Make authdir mount every time it is needed
Showing
1 changed file
with
30 additions
and
9 deletions
| ... | ... | @@ -44,9 +44,12 @@ function ssh-init-agent() { |
| 44 | 44 | local PS="/bin/ps" |
| 45 | 45 | local ECHO="/bin/echo" |
| 46 | 46 | local SSH_AGENT="/usr/bin/ssh-agent" |
| 47 | + local MKTEMP="/usr/bin/mktemp" | |
| 47 | 48 | |
| 48 | 49 | [[ -e "${SSH_AGENT_FILE}" ]] && eval $(${CAT} "${SSH_AGENT_FILE}") >/dev/null |
| 49 | 50 | |
| 51 | + # printf "|ssh-agent| %s\n" "${SSH_AUTH_SOCK}" "${SSH_AGENT_PID}" | |
| 52 | + | |
| 50 | 53 | if [[ "x" != x${SSH_AGENT_PID} ]] |
| 51 | 54 | then |
| 52 | 55 | if [[ "ssh-agent" = "$(${PS} -p ${SSH_AGENT_PID} -o comm=)" ]] |
| ... | ... | @@ -55,8 +58,13 @@ function ssh-init-agent() { |
| 55 | 58 | fi |
| 56 | 59 | fi |
| 57 | 60 | |
| 61 | + insert_keypair "/authdata/${USER}/.ecryptfs" authdata | |
| 62 | + mount_crypt authdata | |
| 63 | + | |
| 58 | 64 | ${ECHO} -n "start ssh-agent ... " |
| 59 | - ${SSH_AGENT} >"${SSH_AGENT_FILE}" | |
| 65 | + | |
| 66 | + local SOCKDIR="$(${MKTEMP} -d -p "${TMPDIR}" agent-XXXXXXXX)" | |
| 67 | + ${SSH_AGENT} -a "${SOCKDIR}/agent.${PPID}" >"${SSH_AGENT_FILE}" | |
| 60 | 68 | if [[ 0 -eq $? ]] |
| 61 | 69 | then |
| 62 | 70 | eval $(${CAT} "${SSH_AGENT_FILE}") >/dev/null |
| ... | ... | @@ -65,6 +73,8 @@ function ssh-init-agent() { |
| 65 | 73 | else |
| 66 | 74 | ${ECHO} "FAILED" |
| 67 | 75 | fi |
| 76 | + | |
| 77 | + umount_crypt authdata | |
| 68 | 78 | } |
| 69 | 79 | |
| 70 | 80 | function gpg-init-agent() { |
| ... | ... | @@ -83,16 +93,25 @@ function gpg-init-agent() { |
| 83 | 93 | local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" |
| 84 | 94 | |
| 85 | 95 | export GPG_AGENT_SOCK="${RUNDIR}/gnupg/S.gpg-agent" |
| 86 | - local SOCK_OPEN_PID="$(test -e "${GPG_AGENT_SOCK}" &&\ | |
| 87 | - ${LSOF} -F p ${GPG_AGENT_SOCK} | sed '/p/s/^.//;te;d;:e')" | |
| 96 | + if [[ -e "${GPG_AGENT_SOCK}" ]] | |
| 97 | + then | |
| 98 | + local SOCK_OPEN_PID="$(${LSOF} -w -F p ${GPG_AGENT_SOCK}|tr -d "p ")" | |
| 99 | + fi | |
| 100 | + | |
| 101 | + GPG_AGENT_PID="$(${PS} -C gpg-agent -o pid=|tr -d " ")" | |
| 88 | 102 | |
| 89 | - GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | |
| 90 | - ${AWK} '/gpg-agent/{print $1}')" | |
| 103 | + # printf "|gpg-agent| %s\n" \ | |
| 104 | + # "${GPG_AGENT_SOCK}" \ | |
| 105 | + # "${GPG_AGENT_PID}" \ | |
| 106 | + # "open socket on: ${SOCK_OPEN_PID}" | |
| 91 | 107 | |
| 92 | - if [[ "${SOCK_OPEN_PID}" && ${GPG_AGENT_PID} == ${SOCK_OPEN_PID} ]] | |
| 108 | + if [[ "${SOCK_OPEN_PID}" && ${GPG_AGENT_PID} -eq ${SOCK_OPEN_PID} ]] | |
| 93 | 109 | then |
| 94 | - return | |
| 110 | + : | |
| 95 | 111 | else |
| 112 | + insert_keypair "/authdata/${USER}/.ecryptfs" authdata | |
| 113 | + mount_crypt authdata | |
| 114 | + | |
| 96 | 115 | ${ECHO} -n "start gpg-agent ... " |
| 97 | 116 | eval ${GPG_AGENT} ${GPG_AGENT_ARGS} |
| 98 | 117 | if [[ 0 -eq $? ]] |
| ... | ... | @@ -100,12 +119,14 @@ function gpg-init-agent() { |
| 100 | 119 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} |
| 101 | 120 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} |
| 102 | 121 | ${ECHO} "OK" |
| 103 | - export GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | |
| 104 | - ${AWK} '/gpg-agent/{print $1}')" | |
| 122 | + GPG_AGENT_PID="$(${PS} -C ${USER} -o pid=|tr -d "")" | |
| 105 | 123 | else |
| 106 | 124 | ${ECHO} "FAILED" |
| 107 | 125 | fi |
| 126 | + | |
| 127 | + umount_crypt authdata | |
| 108 | 128 | fi |
| 129 | + export GPG_AGENT_PID | |
| 109 | 130 | } |
| 110 | 131 | |
| 111 | 132 | # vim: set ft=sh ts=4 sw=4: | ... | ... |
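Review bot: In gpg-init-agent, the PID lookup after a successful start, `GPG_AGENT_PID="$(${PS} -C ${USER} -o pid=|tr -d "")"`, passes the user name to `-C`, which selects by command name, and its `tr -d ""` strips nothing, so the exported GPG_AGENT_PID will normally be empty or point at an unrelated process. It should mirror the earlier lookup in the same function: `GPG_AGENT_PID="$(${PS} -C gpg-agent -o pid=|tr -d " ")"`. Both lookups also lose the old `-U ${USER}` restriction, so on a shared host another user's gpg-agent, or several PIDs at once, can reach the `-eq` comparison against SOCK_OPEN_PID; something like `pgrep -u "${USER}" -x gpg-agent` would keep the check scoped to the caller. Separately, the results of `insert_keypair` and `mount_crypt` are not checked before the agents are started and `gpg.pw` is read (presumably from the mounted authdata), so a failed mount goes unnoticed; those helpers are defined outside this page.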