diff options
author | elijah <elijah@riseup.net> | 2016-07-03 23:24:47 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2016-07-03 23:24:47 -0700 |
commit | d05f00bf405e9c0f4f6431ba923e7b4001de9cb6 (patch) | |
tree | 2824b20f960808f806210a437334e435918ad741 /lib/leap_cli/ssh | |
parent | 88412ea2079d29fdc3390b17e7621724ef6520a6 (diff) |
bugfix: work-around for problem with upload file permissions (#8235)
Diffstat (limited to 'lib/leap_cli/ssh')
-rw-r--r-- | lib/leap_cli/ssh/backend.rb | 23 | ||||
-rw-r--r-- | lib/leap_cli/ssh/scripts.rb | 8 |
2 files changed, 27 insertions, 4 deletions
diff --git a/lib/leap_cli/ssh/backend.rb b/lib/leap_cli/ssh/backend.rb index 67c6ec9a..80203b61 100644 --- a/lib/leap_cli/ssh/backend.rb +++ b/lib/leap_cli/ssh/backend.rb @@ -4,6 +4,7 @@ # common exceptions. # +require 'stringio' require 'timeout' require 'sshkit' require 'leap_cli/ssh/formatter' @@ -97,6 +98,28 @@ module LeapCli @scripts ||= LeapCli::SSH::Scripts.new(self, @host.hostname) end + # + # sshkit just passes upload! and download! to Net::SCP, but Net::SCP + # make it impossible to set the file permissions. Here is how the mode + # is determined, from upload.rb: + # + # mode = channel[:stat] ? channel[:stat].mode & 07777 : channel[:options][:mode] + # + # The stat info from the file always overrides the mode you pass in options. + # However, the channel[:options][:mode] will be applied for pure in-memory + # uploads. So, if the mode is set, we convert the upload to be a memory + # upload instead of a file upload. + # + # Stupid, but blame Net::SCP. + # + def upload!(src, dest, options={}) + if options[:mode] + super(StringIO.new(File.read(src)), dest, options) + else + super(src, dest, options) + end + end + private # diff --git a/lib/leap_cli/ssh/scripts.rb b/lib/leap_cli/ssh/scripts.rb index feefdd46..7b76285b 100644 --- a/lib/leap_cli/ssh/scripts.rb +++ b/lib/leap_cli/ssh/scripts.rb @@ -88,7 +88,7 @@ module LeapCli def install_authorized_keys ssh.log :updating, "authorized_keys" do mkdirs '/root/.ssh' - ssh.upload! LeapCli::Path.named_path(:authorized_keys), '/root/.ssh/authorized_keys', :mode => '600' + ssh.upload! LeapCli::Path.named_path(:authorized_keys), '/root/.ssh/authorized_keys', :mode => 0600 end end @@ -105,7 +105,7 @@ module LeapCli def install_insecure_vagrant_key ssh.log :installing, "insecure vagrant key" do mkdirs '/root/.ssh' - ssh.upload! LeapCli::Path.vagrant_ssh_pub_key_file, '/root/.ssh/authorized_keys2', :mode => '600' + ssh.upload! LeapCli::Path.vagrant_ssh_pub_key_file, '/root/.ssh/authorized_keys2', :mode => 0600 end end @@ -114,8 +114,8 @@ module LeapCli node_init_path = File.join(bin_dir, 'node_init') ssh.log :running, "node_init script" do mkdirs bin_dir - ssh.upload! LeapCli::Path.node_init_script, node_init_path, :mode => '500' - ssh.stream node_init_path + ssh.upload! LeapCli::Path.node_init_script, node_init_path, :mode => 0700 + ssh.stream node_init_path, :log_wrap => true end end |