equal
deleted
inserted
replaced
10 import os.path |
10 import os.path |
11 import pwd |
11 import pwd |
12 import subprocess |
12 import subprocess |
13 from mercurialserver import ruleset, paths |
13 from mercurialserver import ruleset, paths |
14 |
14 |
15 def refreshAuth(): |
15 def refreshAuth(pw_dir): |
16 pentry = pwd.getpwuid(os.geteuid()) |
16 akeyfile = pw_dir + "/.ssh/authorized_keys" |
17 if pentry.pw_name != "hg": |
|
18 # FIXME: re-execute |
|
19 print >>sys.stderr, "Must be run as the 'hg' user" |
|
20 sys.exit(-1) |
|
21 |
|
22 akeyfile = pentry.pw_dir + "/.ssh/authorized_keys" |
|
23 wrappercommand = paths.getExePath() + "/hg-ssh" |
17 wrappercommand = paths.getExePath() + "/hg-ssh" |
24 keydirs = [paths.getEtcPath() + "/keys", pentry.pw_dir + "/repos/hgadmin/keys"] |
18 keydirs = [paths.getEtcPath() + "/keys", pw_dir + "/repos/hgadmin/keys"] |
25 prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command=' |
19 prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command=' |
26 |
20 |
27 if os.path.exists(akeyfile): |
21 if os.path.exists(akeyfile): |
28 f = open(akeyfile) |
22 f = open(akeyfile) |
29 try: |
23 try: |
61 finally: |
55 finally: |
62 kf.close() |
56 kf.close() |
63 for l in klines: |
57 for l in klines: |
64 if len(l): |
58 if len(l): |
65 akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l)) |
59 akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l)) |
66 |
|
67 akeys.close() |
60 akeys.close() |
68 |
|
69 os.rename(akeyfile + "_new", akeyfile) |
61 os.rename(akeyfile + "_new", akeyfile) |
70 |
62 |
71 def hook(ui, repo, hooktype, node=None, source=None, **kwargs): |
63 def hook(ui, repo, hooktype, node=None, source=None, **kwargs): |
72 refreshAuth() |
64 pentry = pwd.getpwuid(os.geteuid()) |
|
65 refreshAuth(pentry.pw_dir) |
73 |
66 |