#!/usr/bin/perl -w
# documentation for this program is right here, please read
# IMPORTANT: also see usage notes below
# BACKGROUND/PURPOSE:
# - an external program populates "keydir" with *all* keys and then
# calls this program, giving "keydir" as arg-1
# - we then call gitolite.pm's "setup_authkeys" function to do its thing
# arg-1: keydir
# DISCUSSION:
#
# For now, we will assume *all* the keys are in the keydir passed. The
# setup_authkeys routine factored out from the old gl-compile-conf is not
# set up to take a partial set of keys and create the ~/.ssh/authorized_keys
# file.
#
# Also, there are issues to do with *deleted* keys that need to be taken care
# of.
#
# All in all, unless it is shown to be quite inefficient, I'd much prefer
# processing *all* keys each time there is a change.
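use strict;
use warnings;

use FindBin;
# Pin GL_BINDIR to the directory this script was started from. The assignment
# is unconditional, so any GL_BINDIR inherited from the environment is replaced
# before the modules below are located.
BEGIN { $ENV{GL_BINDIR} = $FindBin::Bin; }

# gitolite_rc and gitolite are searched for in the script's own directory
# first. Anyone able to write to that directory can change the code that ends
# up rewriting ~/.ssh/authorized_keys, so it should be writable only by the
# account that hosts the repositories.
use lib $ENV{GL_BINDIR};
use gitolite_rc;
use gitolite;

use Getopt::Long;
my $batch = 0;
# GetOptions returns false when it meets an option it does not know (it has
# already printed a warning by then). Treat that the same as a missing -batch,
# so a mistyped command line shows the usage text instead of going on to touch
# the authkeys file.
my $options_ok = GetOptions('batch' => \$batch);

# prevent newbie from running it accidentally and clobbering his authkeys file!
if (!$options_ok || !$batch) {
    print STDERR "
This is a cronnable, batchable, program to rewrite ~/.ssh/authorized_keys
using public keys in a given directory. It MUST be run by supplying its
full path, and the rest of the gitolite scripts must be in the same
directory. Here's how to run it:

/full/path/to/gl-setup-authkeys -batch keydir

where 'keydir' contains a bunch of '*.pub' files.

If you're not sure what the full path to the script should be, look in
~/.ssh/authorized_keys for the path to the gl-auth-command script.

If you managed to lose that file (how careless of you!) then, depending on
what install mode you used, it's either \$HOME/.gitolite/src or \$HOME/bin
or /usr/local/bin or whatever your package maintainer decided. I leave it
to you to figure out which method gets you which PATH ;-) In this case
you'll also have to set GL_BINDIR to that same path *and* export it, so
something like this should do:

export GL_BINDIR=/that/full/path/you/just/found
\$GL_BINDIR/gl-setup-authkeys -batch keydir

The keydir can be found from the value of \$GL_KEYDIR in ~/.gitolite.rc\n\n";
    exit 1;
}

# quick sanity check and run
# Test for "defined and non-empty" rather than truth, so that a directory
# literally named "0" is not mistaken for a missing argument.
my $keydir = shift;
die "I need a directory name\n" unless defined $keydir && length $keydir;
-d $keydir or die "$keydir should be a directory\n";

# setup_authkeys is imported from the gitolite module (not part of this file).
# Per the notes at the top of this file it is handed the complete key set.
# NOTE(review): presumably every '*.pub' file in keydir becomes a login
# credential in ~/.ssh/authorized_keys -- confirm against setup_authkeys, and
# keep keydir writable only by the process that is trusted to populate it.
setup_authkeys($keydir);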