path: root/src/property/ssh.lisp
Commit message | Author | Age
* rename to SSH:{PARENT-IS-,}SYSTEM-KNOWN-HOST | Sean Whitton | 2022-04-29
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* export SSHD:HOST-PUBLIC-KEYS hostattr, unexport GET-HOST-PUBLIC-KEYS | Sean Whitton | 2022-04-29
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add "local" and "remote" to the names of some exported symbols | Sean Whitton | 2022-03-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* src/property/file.lisp: unless mode supplied, create missing dirs | Sean Whitton | 2021-12-27
  This means you can apply properties like FILE:HAS-CONTENT without also having to explicitly apply FILE:{CONTAINING-,}DIRECTORY-EXISTS or similar.

  If missing intermediate directories need to have particular modes or ownership, it is easy to apply properties to ensure those directories exist with those attributes before applying the property which will create the file. Then there are no missing directories for the latter property to create.

  In the case where a mode for the file is supplied, leave it to the caller to create the directories, as a safety measure (see 487a473390). In the future we might create missing intermediate directories based on a supplied mode, such as creating them 0750 when the supplied mode is 0640.

  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* SSH:HAS-USER-KEY: fix application of FILE:SECRET-UPLOADED | Sean Whitton | 2021-07-16
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* SSH:HAS-USER-KEY: require specification of destination path | Sean Whitton | 2021-07-16
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* SSH known host properties: add :IPS and :ADDITIONAL-NAMES parameters | Sean Whitton | 2021-06-27
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* SSH known host properties: add :ALIASES parameter | Sean Whitton | 2021-06-27
  Also, when updating existing lines, consider only the hostname as identifying a matching existing line, disregarding whatever aliases and short hostname may also be present. This means we can update lines if the aliases change.

  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add SSH:HAS-USER-KEY | Sean Whitton | 2021-06-25
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add SSH:PARENT-IS-GLOBALLY-KNOWN-HOST | Sean Whitton | 2021-05-31
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add SSH:{GLOBALLY-,}KNOWN-HOST and SSHD:HAS-{HOST-,}PUBLIC-KEY | Sean Whitton | 2021-05-31
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* convert CONNECTION slots to connattrs & fix finding homedirs | Sean Whitton | 2021-05-23
  HOME does not take into account /etc/passwd inside the chroot, even when starting a login shell with, e.g., "chroot /chroot sh -lc 'echo $HOME'" -- we would need something which emulates login(1), like su(1), but the -c argument to su(1) is not portable. getent(1) is not POSIX. So use tilde expansion.

  Additionally, avoid having UPLOAD-ALL-PREREQUISITE-DATA store values for the remote UID, remote homedir etc. from *before* the chroot/setuid operation.

  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add SSH:AUTHORIZED-KEYS | Sean Whitton | 2021-04-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>