authorJoey Hess2016-02-26 11:02:36 -0400
committerJoey Hess2016-02-26 11:02:36 -0400
commit1501509f5dfb5c93fd572f472756c96905d41ce4 (patch)
treea5cdac1f0e5d9ee8a2dfaf701ed7b7fb498e5d72 /src/Propellor/Property/Ssh.hs
parent0cba8dec39447f030c0f765d1d84a1c2466b9bfc (diff)
Removed Ssh.unauthorizedKey and made Ssh.authorizedKey revertable. (API change)
Diffstat (limited to 'src/Propellor/Property/Ssh.hs')
1 files changed, 14 insertions, 20 deletions
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index c21f009f..b67c53dd 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -30,7 +30,6 @@ module Propellor.Property.Ssh (
- unauthorizedKey,
) where
@@ -372,7 +371,7 @@ localuser@(User ln) `unauthorizedKeysFrom` (remoteuser@(User rn), remotehost) =
go [] = return NoChange
go ls = ensureProperty $ combineProperties desc $
- map (unauthorizedKey localuser) ls
+ map (revert . authorizedKey localuser) ls
authorizedKeyLines :: User -> Host -> Propellor [File.Line]
authorizedKeyLines remoteuser remotehost =
@@ -395,25 +394,20 @@ authorizedKeys user@(User u) context = withPrivData (SshAuthorizedKeys u) contex
-- | Ensures that a user's authorized_keys contains a line.
-- Any other lines in the file are preserved as-is.
-authorizedKey :: User -> String -> Property NoInfo
-authorizedKey user@(User u) l = property desc $ do
- f <- liftIO $ dotFile "authorized_keys" user
- modAuthorizedKey f user $
- f `File.containsLine` l
- `requires` File.dirExists (takeDirectory f)
+authorizedKey :: User -> String -> RevertableProperty NoInfo
+authorizedKey user@(User u) l = add <!> remove
- desc = u ++ " has authorized_keys"
--- | Reverts `authorizedKey`
-unauthorizedKey :: User -> String -> Property NoInfo
-unauthorizedKey user@(User u) l = property desc $ do
- f <- liftIO $ dotFile "authorized_keys" user
- ifM (liftIO $ doesFileExist f)
- ( modAuthorizedKey f user $ f `File.lacksLine` l
- , return NoChange
- )
- where
- desc = u ++ " lacks authorized_keys"
+ add = property (u ++ " has authorized_keys") $ do
+ f <- liftIO $ dotFile "authorized_keys" user
+ modAuthorizedKey f user $
+ f `File.containsLine` l
+ `requires` File.dirExists (takeDirectory f)
+ remove = property (u ++ " lacks authorized_keys") $ do
+ f <- liftIO $ dotFile "authorized_keys" user
+ ifM (liftIO $ doesFileExist f)
+ ( modAuthorizedKey f user $ f `File.lacksLine` l
+ , return NoChange
+ )
modAuthorizedKey :: FilePath -> User -> Property NoInfo -> Propellor Result
modAuthorizedKey f user p = ensureProperty $ p
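Review bot: The `remove` half of the new `authorizedKey` revokes access only if `File.lacksLine` finds the given line `l` itself. `File.lacksLine` is not visible here, but if it matches whole lines exactly, the same public key stored with different options, comment or spacing would stay in authorized_keys after a revert and keep granting login. The haddock above still describes only the add side, so I would extend it with something like `-- Reverting removes that exact line; the same key written differently is left in place.` The same limit applies to `unauthorizedKeysFrom` in the earlier hunk, which now maps `revert . authorizedKey localuser` over lines that appear to be computed when the revert runs, so a key the remote host has since rotated away would presumably not be removed. `modAuthorizedKey`'s body continues outside the hunk.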