| Darren Tucker | 62ee222 | 2013-05-17 20:46:00 +1000 | [diff] [blame] | 1 | # $OpenBSD: agent-getpeereid.sh,v 1.5 2013/05/17 10:33:09 dtucker Exp $ |
| Damien Miller | 8b9cde7 | 2003-01-22 17:53:16 +1100 | [diff] [blame] | 2 | # Placed in the Public Domain. |
| 3 | |
| 4 | tid="disallow agent attach from other uid" |
| 5 | |
| 6 | UNPRIV=nobody |
| 7 | ASOCK=${OBJ}/agent |
| Damien Miller | d666d8e | 2008-03-12 23:58:55 +1100 | [diff] [blame] | 8 | SSH_AUTH_SOCK=/nonexistent |
| Damien Miller | 8b9cde7 | 2003-01-22 17:53:16 +1100 | [diff] [blame] | 9 | |
| Tim Rice | 6dfcd34 | 2011-01-16 22:53:56 -0800 | [diff] [blame] | 10 | if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then |
| 11 | : |
| 12 | else |
| Darren Tucker | 2297ac4 | 2003-09-04 13:49:30 +1000 | [diff] [blame] | 13 | echo "skipped (not supported on this platform)" |
| 14 | exit 0 |
| 15 | fi |
| Damien Miller | 7b1877c | 2006-07-24 15:31:41 +1000 | [diff] [blame] | 16 | if [ -z "$SUDO" ]; then |
| 17 | echo "skipped: need SUDO to switch to uid $UNPRIV" |
| 18 | exit 0 |
| 19 | fi |
| 20 | |
| Damien Miller | 8b9cde7 | 2003-01-22 17:53:16 +1100 | [diff] [blame] | 21 | trace "start agent" |
| 22 | eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null |
| 23 | r=$? |
| 24 | if [ $r -ne 0 ]; then |
| 25 | fail "could not start ssh-agent: exit code $r" |
| 26 | else |
| 27 | chmod 644 ${SSH_AUTH_SOCK} |
| 28 | |
| 29 | ssh-add -l > /dev/null 2>&1 |
| 30 | r=$? |
| 31 | if [ $r -ne 1 ]; then |
| 32 | fail "ssh-add failed with $r != 1" |
| 33 | fi |
| 34 | |
| Damien Miller | 1ccbfa8 | 2011-01-17 11:52:40 +1100 | [diff] [blame] | 35 | < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null |
| Damien Miller | 8b9cde7 | 2003-01-22 17:53:16 +1100 | [diff] [blame] | 36 | r=$? |
| 37 | if [ $r -lt 2 ]; then |
| 38 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" |
| 39 | fi |
| 40 | |
| 41 | trace "kill agent" |
| 42 | ${SSHAGENT} -k > /dev/null |
| 43 | fi |
| 44 | |
| 45 | rm -f ${OBJ}/agent |