Example #1
// rename moves the authorized_keys dir to the supplied path via
// as_user.Rename and, on success, records that path as the directory's
// new location. On failure the error is returned and akd.path is unchanged.
func (akd *SSHAuthorizedKeysDir) rename(to string) error {
	if renameErr := as_user.Rename(akd.user, akd.path, to); renameErr != nil {
		// akd.path must keep pointing at the old location when the move fails.
		return renameErr
	}
	akd.path = to
	return nil
}
Example #2
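// Replace replaces the opened key with the supplied data.
//
// The data is written to a staging file, created with mode 0600 through
// as_user.OpenFile, and the staging file is then renamed onto ak.Path.
// ak.Path is therefore only replaced once the write and close have both
// succeeded. Any error from opening, writing, closing or renaming is
// returned as-is.
func (ak *SSHAuthorizedKey) Replace(keys []byte) error {
	sp := stageFilePath(ak.origin.user)
	sf, err := as_user.OpenFile(ak.origin.user, sp,
		syscall.O_WRONLY|syscall.O_CREAT|syscall.O_TRUNC, 0600)
	if err != nil {
		return err
	}
	// Best-effort cleanup of the staging file on every exit path. After a
	// successful rename the path no longer exists and the error is ignored.
	// NOTE(review): this removal goes through os.Remove, i.e. with the
	// process's own privileges rather than through as_user like the open
	// and rename. Presumably the staging path lives in a directory the
	// user controls; confirm that a privileged unlink there is acceptable.
	defer os.Remove(sp)
	if _, err = sf.Write(keys); err != nil {
		// Do not leak the descriptor when the write fails. The write error
		// is the one worth reporting, so the close result is dropped.
		sf.Close()
		return err
	}
	// A failed close can mean the data never reached the file, so it must
	// prevent the rename below.
	if err := sf.Close(); err != nil {
		return err
	}
	return as_user.Rename(ak.origin.user, sp, ak.Path)
}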
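// Sync synchronizes the user's ~/.ssh/authorized_keys file with the
// current authorized_keys.d directory state.
//
// Every key reported by WalkKeys that is not Disabled is appended, followed
// by a newline, to a staging file created with mode 0600 through
// as_user.OpenFile. Once the staging file has been closed it is renamed
// onto authKeysFilePath(akd.user). On any failure the staging file is
// closed (if still open) and removed, and the error is returned.
//
// The result is named so that the deferred cleanup sees the error from
// every return path. Checking a local err instead would miss errors held
// in shadowed variables (the WalkKeys and Close failures) and leave the
// staging file and its descriptor behind.
func (akd *SSHAuthorizedKeysDir) Sync() (err error) {
	sp := stageFilePath(akd.user)
	sf, err := as_user.OpenFile(akd.user, sp,
		syscall.O_CREAT|syscall.O_TRUNC|syscall.O_WRONLY, 0600)
	if err != nil {
		return err
	}

	closed := false
	defer func() {
		if err == nil {
			return
		}
		if !closed {
			sf.Close()
		}
		// NOTE(review): removal uses os.Remove (process privileges), not
		// as_user; confirm that is intended for a path in the user's tree.
		os.Remove(sp)
	}()

	err = akd.WalkKeys(func(k *SSHAuthorizedKey) error {
		if k.Disabled {
			return nil
		}
		// NOTE(review): the key file is read with the process's own
		// privileges rather than through as_user. If k.Path can be
		// influenced by the user (e.g. a symlink), its target would be
		// copied into the staged file; verify how WalkKeys vets paths.
		kb, err := ioutil.ReadFile(k.Path)
		if err != nil {
			return err
		}
		kb = append(kb, '\n')
		_, err = sf.Write(kb)
		return err
	})
	if err != nil {
		return err
	}

	// Mark the file closed before calling Close so the cleanup path never
	// closes it a second time, whatever Close returns.
	closed = true
	if err = sf.Close(); err != nil {
		return err
	}

	return as_user.Rename(akd.user, sp, authKeysFilePath(akd.user))
}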