// rename renames the authorized_keys dir to the supplied path. func (akd *SSHAuthorizedKeysDir) rename(to string) error { err := as_user.Rename(akd.user, akd.path, to) if err != nil { return err } akd.path = to return nil }
// Replace replaces the opened key with the supplied data. func (ak *SSHAuthorizedKey) Replace(keys []byte) error { sp := stageFilePath(ak.origin.user) sf, err := as_user.OpenFile(ak.origin.user, sp, syscall.O_WRONLY|syscall.O_CREAT|syscall.O_TRUNC, 0600) if err != nil { return err } defer os.Remove(sp) if _, err = sf.Write(keys); err != nil { return err } if err := sf.Close(); err != nil { return err } return as_user.Rename(ak.origin.user, sp, ak.Path) }
// Sync synchronizes the user's ~/.ssh/authorized_keys file with the // current authorized_keys.d directory state. func (akd *SSHAuthorizedKeysDir) Sync() error { sp := stageFilePath(akd.user) sf, err := as_user.OpenFile(akd.user, sp, syscall.O_CREAT|syscall.O_TRUNC|syscall.O_WRONLY, 0600) if err != nil { return err } defer func() { if err != nil { sf.Close() os.Remove(sp) } }() if err := akd.WalkKeys(func(k *SSHAuthorizedKey) error { if !k.Disabled { kb, err := ioutil.ReadFile(k.Path) if err != nil { return err } kb = append(kb, '\n') if _, err := sf.Write(kb); err != nil { return err } } return nil }); err != nil { return err } if err := sf.Close(); err != nil { return err } err = as_user.Rename(akd.user, sp, authKeysFilePath(akd.user)) if err != nil { return err } return nil }