summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2016-07-01 22:38:09 -0700
committerelijah <elijah@riseup.net>2016-07-01 22:38:09 -0700
commitf354e8fa66e49bd989aba196488bfc12f27a92ac (patch)
treea232e682ba515c485cea51261c0fbdc74386859e /lib
parent5780f5dcc024d4f140fe8f6e8dc3f7c4e905a8ec (diff)
fix access to vagrant key file
Diffstat (limited to 'lib')
-rw-r--r--lib/leap_cli/commands/ssh.rb3
-rw-r--r--lib/leap_cli/commands/vagrant.rb19
-rw-r--r--lib/leap_cli/load_libraries.rb1
-rw-r--r--lib/leap_cli/ssh/options.rb2
-rw-r--r--lib/leap_cli/util/vagrant.rb26
5 files changed, 30 insertions, 21 deletions
diff --git a/lib/leap_cli/commands/ssh.rb b/lib/leap_cli/commands/ssh.rb
index 695812b8..03192071 100644
--- a/lib/leap_cli/commands/ssh.rb
+++ b/lib/leap_cli/commands/ssh.rb
@@ -179,7 +179,8 @@ module LeapCli; module Commands
"-o 'UserKnownHostsFile=/dev/null'"
]
if node.vagrant?
- options << "-i #{vagrant_ssh_key_file}" # use the universal vagrant insecure key
+ # use the universal vagrant insecure key:
+ options << "-i #{LeapCli::Util::Vagrant.vagrant_ssh_key_file}"
options << "-o IdentitiesOnly=yes" # force the use of the insecure vagrant key
options << "-o 'StrictHostKeyChecking=no'" # blindly accept host key and don't save it
# (since userknownhostsfile is /dev/null)
diff --git a/lib/leap_cli/commands/vagrant.rb b/lib/leap_cli/commands/vagrant.rb
index 9fdd48e3..8d66a84a 100644
--- a/lib/leap_cli/commands/vagrant.rb
+++ b/lib/leap_cli/commands/vagrant.rb
@@ -70,25 +70,6 @@ module LeapCli; module Commands
end
end
- public
-
- #
- # returns the path to a vagrant ssh private key file.
- #
- # if the vagrant.key file is owned by root or ourselves, then
- # we need to make sure that it owned by us and not world readable.
- #
- def vagrant_ssh_key_file
- file_path = Path.vagrant_ssh_priv_key_file
- Util.assert_files_exist! file_path
- uid = File.new(file_path).stat.uid
- if uid == 0 || uid == Process.euid
- FileUtils.install file_path, '/tmp/vagrant.key', :mode => 0600
- file_path = '/tmp/vagrant.key'
- end
- return file_path
- end
-
protected
def vagrant_command(cmds, args, options={})
diff --git a/lib/leap_cli/load_libraries.rb b/lib/leap_cli/load_libraries.rb
index 19f4edb5..cec3812d 100644
--- a/lib/leap_cli/load_libraries.rb
+++ b/lib/leap_cli/load_libraries.rb
@@ -18,3 +18,4 @@ require 'leap_cli/config/manager'
require 'leap_cli/util/secret'
require 'leap_cli/util/x509'
+require 'leap_cli/util/vagrant'
diff --git a/lib/leap_cli/ssh/options.rb b/lib/leap_cli/ssh/options.rb
index 0bbaa36f..d991cc29 100644
--- a/lib/leap_cli/ssh/options.rb
+++ b/lib/leap_cli/ssh/options.rb
@@ -58,7 +58,7 @@ module LeapCli
def self.contingent_ssh_options_for_node(node)
opts = {}
if node.vagrant?
- opts[:keys] = [vagrant_ssh_key_file]
+ opts[:keys] = [LeapCli::Util::Vagrant.vagrant_ssh_key_file]
opts[:keys_only] = true # only use the keys specified above, and
# ignore whatever keys the ssh-agent is aware of.
opts[:paranoid] = false # we skip host checking for vagrant nodes,
diff --git a/lib/leap_cli/util/vagrant.rb b/lib/leap_cli/util/vagrant.rb
new file mode 100644
index 00000000..c67ea4f1
--- /dev/null
+++ b/lib/leap_cli/util/vagrant.rb
@@ -0,0 +1,26 @@
+require 'fileutils'
+
+module LeapCli
+ module Util
+ module Vagrant
+
+ #
+ # returns the path to a vagrant ssh private key file.
+ #
+ # if the vagrant.key file is owned by root or ourselves, then
+ # we need to make sure that it owned by us and not world readable.
+ #
+ def self.vagrant_ssh_key_file
+ file_path = Path.vagrant_ssh_priv_key_file
+ Util.assert_files_exist! file_path
+ uid = File.new(file_path).stat.uid
+ if uid == 0 || uid == Process.euid
+ FileUtils.install file_path, '/tmp/vagrant.key', :mode => 0600
+ file_path = '/tmp/vagrant.key'
+ end
+ return file_path
+ end
+
+ end
+ end
+end \ No newline at end of file