1323136Sdes# $OpenBSD: agent-getpeereid.sh,v 1.8 2017/01/06 02:51:16 djm Exp $ 2113908Sdes# Placed in the Public Domain. 3113908Sdes 4113908Sdestid="disallow agent attach from other uid" 5113908Sdes 6113908SdesUNPRIV=nobody 7113908SdesASOCK=${OBJ}/agent 8180746SdesSSH_AUTH_SOCK=/nonexistent 9113908Sdes 10218767Sdesif config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then 11218767Sdes : 12218767Sdeselse 13124208Sdes echo "skipped (not supported on this platform)" 14124208Sdes exit 0 15124208Sdesfi 16323129Sdescase "x$SUDO" in 17323129Sdes xsudo) sudo=1;; 18323129Sdes xdoas) ;; 19323129Sdes x) 20323129Sdes echo "need SUDO to switch to uid $UNPRIV" 21323129Sdes exit 0 ;; 22323129Sdes *) 23323129Sdes echo "unsupported $SUDO - "doas" and "sudo" are allowed" 24323129Sdes exit 0 ;; 25323129Sdesesac 26124208Sdes 27113908Sdestrace "start agent" 28113908Sdeseval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null 29113908Sdesr=$? 30113908Sdesif [ $r -ne 0 ]; then 31113908Sdes fail "could not start ssh-agent: exit code $r" 32113908Sdeselse 33113908Sdes chmod 644 ${SSH_AUTH_SOCK} 34113908Sdes 35323136Sdes ${SSHADD} -l > /dev/null 2>&1 36113908Sdes r=$? 37113908Sdes if [ $r -ne 1 ]; then 38113908Sdes fail "ssh-add failed with $r != 1" 39113908Sdes fi 40323129Sdes if test -z "$sudo" ; then 41323129Sdes # doas 42323136Sdes ${SUDO} -n -u ${UNPRIV} ${SSHADD} -l 2>/dev/null 43323129Sdes else 44323129Sdes # sudo 45323136Sdes < /dev/null ${SUDO} -S -u ${UNPRIV} ${SSHADD} -l 2>/dev/null 46323129Sdes fi 47113908Sdes r=$? 48113908Sdes if [ $r -lt 2 ]; then 49113908Sdes fail "ssh-add did not fail for ${UNPRIV}: $r < 2" 50113908Sdes fi 51113908Sdes 52113908Sdes trace "kill agent" 53113908Sdes ${SSHAGENT} -k > /dev/null 54113908Sdesfi 55113908Sdes 56113908Sdesrm -f ${OBJ}/agent 57