--- a/src/do-refresh-auth Fri Mar 06 12:34:07 2009 +0000
+++ b/src/do-refresh-auth Fri Mar 06 12:46:22 2009 +0000
@@ -9,15 +9,22 @@
import sys
import os
import os.path
+import pwd
import subprocess
-from mercurialserver import ruleset
+from mercurialserver import ruleset, paths
-if len(sys.argv) <= 3:
- sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
+if len(sys.argv) != 1:
+ sys.stderr.write("refresh-auth: must be called with no arguments (%s)\n" % sys.argv)
sys.exit(-1)
-akeyfile = sys.argv[1]
-wrappercommand = sys.argv[2]
+pentry = pwd.getpwuid(os.geteuid())
+if pentry.pw_name != "hg":
+ # FIXME: re-execute
+ print >>sys.stderr, "Must be run as the 'hg' user"
+
+akeyfile = pentry.pw_dir + "/.ssh/authorized_keys"
+wrappercommand = paths.getEtcPath() + "/hg-ssh-wrapper"
+keydirs = [paths.getEtcPath() + "/keys", pentry.pw_dir + "/repos/hgadmin/keys"]
prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
if os.path.exists(akeyfile):
@@ -30,7 +37,7 @@
f.close()
akeys = open(akeyfile + "_new", "w")
-for keyroot in sys.argv[3:]:
+for keyroot in keydirs:
kr = keyroot + "/"
#print "Processing keyroot", keyroot
for root, dirs, files in os.walk(keyroot):