authorJoey Hess2014-04-13 17:16:31 -0400
committerJoey Hess2014-04-13 17:16:31 -0400
commit56dd4ff4d8c77293e8e703f91fc8ac5ef96d55e9 (patch)
tree3ea64166ee2b38b95f45ceac7da2b5a5b865ca9d /Propellor/Property
parente958460475afdff1a1f2ecfb406370e444cb95f9 (diff)
propellor spin
Diffstat (limited to 'Propellor/Property')
-rw-r--r--Propellor/Property/Ssh.hs18
1 files changed, 12 insertions, 6 deletions
diff --git a/Propellor/Property/Ssh.hs b/Propellor/Property/Ssh.hs
index 6bfe1261..b13a12bf 100644
--- a/Propellor/Property/Ssh.hs
+++ b/Propellor/Property/Ssh.hs
@@ -107,8 +107,12 @@ keyImported keytype user = combineProperties desc
f <- liftIO $ keyfile ext
ifM (liftIO $ doesFileExist f)
( noChange
- , withPrivData p $ \key -> makeChange $
- writer f key
+ , ensureProperty $ combineProperties desc
+ [ Property desc $
+ withPrivData p $ \key -> makeChange $
+ writer f key
+ , File.ownerGroup f user user
+ ]
)
keyfile ext = do
home <- homeDirectory <$> getUserEntryForName user
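Review bot: The added `File.ownerGroup f user user` in keyImported sits inside the branch that runs only when the key file is missing, so a key that already exists still hits `noChange` and its ownership is never corrected. That covers keys written before this change and keys left behind when a run failed between the write and the ownership step. Keeping the `doesFileExist` test around the write alone, and listing `File.ownerGroup f user user` as a sibling property that is checked on every run, would make the ownership converge. keyImported starts before and continues past this hunk, so what mode `writer` gives the private key file is not visible here.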
@@ -130,6 +134,7 @@ knownHost hosts hn user = Property desc $
ensureProperty $ combineProperties desc
[ File.dirExists (takeDirectory f)
, f `File.containsLine` (hn ++ " " ++ k)
+ , File.ownerGroup f user user
]
go _ = do
warningMessage $ "no configred sshPubKey for " ++ hn
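Review bot: Only the file is handed to the user in knownHost; the directory created by `File.dirExists (takeDirectory f)` keeps the owner of the propellor process, presumably root, so the user may be unable to add or update entries in their own `.ssh`. Adding `, File.ownerGroup (takeDirectory f) user user` directly after the `File.dirExists` line would cover it. The same applies to `createDirectoryIfMissing True (takeDirectory f)` in the authorizedKeys hunk. Neither hunk shows the mode the directory is created with, so it is worth confirming it is not group- or world-writable.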
@@ -138,8 +143,9 @@ knownHost hosts hn user = Property desc $
-- | Makes a user have authorized_keys from the PrivData
authorizedKeys :: UserName -> Property
authorizedKeys user = Property (user ++ " has authorized_keys") $
- withPrivData (SshAuthorizedKeys user) $ \v -> liftIO $ do
+ withPrivData (SshAuthorizedKeys user) $ \v -> do
f <- liftIO $ dotFile "authorized_keys" user
- createDirectoryIfMissing True (takeDirectory f)
- writeFileProtected f v
- return NoChange
+ liftIO $ do
+ createDirectoryIfMissing True (takeDirectory f)
+ writeFileProtected f v
+ ensureProperty $ File.ownerGroup f user user
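Review bot: `ensureProperty $ File.ownerGroup f user user` runs with propellor's privileges on a path under the user's home directory, which the user controls. If File.ownerGroup follows symbolic links (its implementation is not part of this diff), a link already present at `f` would redirect the ownership change to the link's target; the same holds for the ownerGroup calls added in keyImported and knownHost. Checking `f` with `getSymbolicLinkStatus` and refusing when `isSymbolicLink` holds, or changing ownership with `setSymbolicLinkOwnerAndGroup`, would close that. Separately, the property's result now reflects only the ownership step, so a rewritten authorized_keys whose ownership was already correct is still reported as no change.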