]>
Commit | Line | Data |
---|---|---|
a7c7196f | 1 | # $OpenBSD: agent-getpeereid.sh,v 1.4 2007/11/25 15:35:09 jmc Exp $ |
8582624b | 2 | # Placed in the Public Domain. |
3 | ||
4 | tid="disallow agent attach from other uid" | |
5 | ||
6 | UNPRIV=nobody | |
7 | ASOCK=${OBJ}/agent | |
a7c7196f | 8 | SSH_AUTH_SOCK=/nonexistent |
8582624b | 9 | |
aee1c971 | 10 | if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1 && \ |
11 | grep "#undef.*HAVE_GETPEERUCRED" ${BUILDDIR}/config.h >/dev/null && \ | |
12 | grep "#undef.*HAVE_SO_PEERCRED" ${BUILDDIR}/config.h >/dev/null | |
584c5ed9 | 13 | then |
14 | echo "skipped (not supported on this platform)" | |
15 | exit 0 | |
16 | fi | |
e7c5b206 | 17 | if [ -z "$SUDO" ]; then |
18 | echo "skipped: need SUDO to switch to uid $UNPRIV" | |
19 | exit 0 | |
20 | fi | |
21 | ||
584c5ed9 | 22 | |
8582624b | 23 | trace "start agent" |
24 | eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null | |
25 | r=$? | |
26 | if [ $r -ne 0 ]; then | |
27 | fail "could not start ssh-agent: exit code $r" | |
28 | else | |
29 | chmod 644 ${SSH_AUTH_SOCK} | |
30 | ||
31 | ssh-add -l > /dev/null 2>&1 | |
32 | r=$? | |
33 | if [ $r -ne 1 ]; then | |
34 | fail "ssh-add failed with $r != 1" | |
35 | fi | |
36 | ||
41f70006 | 37 | < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1 |
8582624b | 38 | r=$? |
39 | if [ $r -lt 2 ]; then | |
40 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" | |
41 | fi | |
42 | ||
43 | trace "kill agent" | |
44 | ${SSHAGENT} -k > /dev/null | |
45 | fi | |
46 | ||
47 | rm -f ${OBJ}/agent |