agent-getpeereid.sh revision 302408
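#	$OpenBSD: agent-getpeereid.sh,v 1.5 2013/05/17 10:33:09 dtucker Exp $
#	Placed in the Public Domain.
#
# Regression test: an ssh-agent socket must not be usable by another uid.
# The agent is started as the invoking user, its socket mode is loosened,
# and "ssh-add -l" is then run as ${UNPRIV}; that attempt has to fail.
#
# config_defined, trace, fail, OBJ, SUDO and SSHAGENT are not defined in
# this file; they are expected to come from the surrounding test harness.

tid="disallow agent attach from other uid"

UNPRIV=nobody
ASOCK="${OBJ}/agent"
# Placeholder until the agent's own output overrides it below. If the agent
# never starts, ssh-add is left pointing at a path that cannot be a socket.
SSH_AUTH_SOCK=/nonexistent

# The test only means something where the platform can report the uid of a
# unix-socket peer.
if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then
	:
else
	echo "skipped (not supported on this platform)"
	exit 0
fi

# Switching to ${UNPRIV} needs a privilege-switching command.
if [ -z "$SUDO" ]; then
	echo "skipped: need SUDO to switch to uid $UNPRIV"
	exit 0
fi

trace "start agent"
# eval runs the agent's stdout as shell code (it sets SSH_AUTH_SOCK and
# SSH_AGENT_PID), so ${SSHAGENT} must be the trusted binary under test.
# ${SSHAGENT} is left unquoted in case the harness passes a multi-word
# command -- TODO confirm. The socket path is quoted so it is passed to
# the agent as a single argument.
eval `${SSHAGENT} -s -a "${ASOCK}"` > /dev/null
r=$?
if [ "$r" -ne 0 ]; then
	fail "could not start ssh-agent: exit code $r"
else
	# Loosen the socket mode so that file permissions are not the only
	# thing standing between ${UNPRIV} and the agent.
	# NOTE(review): where connect() requires write permission on the
	# socket file, mode 644 still denies other users, and ${OBJ} must also
	# be searchable by ${UNPRIV}. In either case the attempt below can be
	# refused by the filesystem before the agent's peer-uid check runs, so
	# a pass here does not by itself prove that check -- confirm per
	# platform.
	chmod 644 "${SSH_AUTH_SOCK}"

	# Owner access: the test expects exit status 1 from "ssh-add -l" (the
	# agent was reached and holds no identities).
	# NOTE(review): ssh-add is resolved through PATH here; confirm the
	# harness puts the build under test first.
	ssh-add -l > /dev/null 2>&1
	r=$?
	if [ "$r" -ne 1 ]; then
		fail "ssh-add failed with $r != 1"
	fi

	# Other-uid access: must end with status 2 or higher. stdin comes from
	# /dev/null so "sudo -S" cannot block waiting for a password; a sudo
	# that fails on its own is expected to exit 1, which the check below
	# reports as a failure rather than a pass. ${SUDO} stays unquoted
	# because it may carry arguments.
	< /dev/null ${SUDO} -S -u "${UNPRIV}" ssh-add -l 2>/dev/null
	r=$?
	if [ "$r" -lt 2 ]; then
		fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
	fi

	trace "kill agent"
	${SSHAGENT} -k > /dev/null
fi

# Remove a leftover socket; quoted so an unusual ${OBJ} cannot expand into
# several rm operands.
rm -f "${OBJ}/agent"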