summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn23
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment36
2 files changed, 59 insertions, 0 deletions
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn
new file mode 100644
index 00000000..9b684ca3
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn
@@ -0,0 +1,23 @@
+Hello Joey
+
+I try to use
+
+ Ssh.authorizedKey (User "com-sixs") sshKeyPubComSixs
+
+on a system where the account are available in a ldap.
+On this system the group is different from the user name
+name -> grp-name
+
+So I end up with this error message
+
+ chown: invalid group: ‘com-sixs:com-sixs’
+ sixs3.exp.synchrotron-soleil.fr com-sixs has authorized_keys ... failed
+
+so my questions are.
+
+- Is it mandatory to have a user and the identical group on a unix system ?
+- Can we add a Group parameter to the authorizedKey property ?
+
+thanks for your help
+
+Fred
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment
new file mode 100644
index 00000000..2014af74
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment
@@ -0,0 +1,36 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2019-02-13T11:33:20Z"
+ content="""
+something like this
+
+ -- | Ensures that a user's authorized_keys contains a line.
+ -- Any other lines in the file are preserved as-is.
+ authorizedKey' :: User -> Group -> String -> RevertableProperty UnixLike UnixLike
+ authorizedKey' user@(User u) grp l = add <!> remove
+ where
+ add = property' (u ++ \" has authorized_keys\") $ \w -> do
+ f <- liftIO $ dotFile \"authorized_keys\" user
+ ensureProperty w $ modAuthorizedKey' f user grp $
+ f `File.containsLine` l
+ `requires` File.dirExists (takeDirectory f)
+ remove = property' (u ++ \" lacks authorized_keys\") $ \w -> do
+ f <- liftIO $ dotFile \"authorized_keys\" user
+ ifM (liftIO $ doesFileExist f)
+ ( ensureProperty w $ modAuthorizedKey' f user grp $
+ f `File.lacksLine` l
+ , return NoChange
+ )
+
+ modAuthorizedKey' :: FilePath -> User -> Group -> Property UnixLike -> Property UnixLike
+ modAuthorizedKey' f user grp p = p
+ `before` File.mode f (combineModes [ownerWriteMode, ownerReadMode])
+ `before` File.ownerGroup f user grp
+ `before` File.ownerGroup (takeDirectory f) user grp
+
+then it is trivial to rewrite the previous properties :)
+
+but I do no know if this is the right path to follow.
+"""]]