Diffstat (limited to 'update-openssh-known-hosts')
-rwxr-xr-x | update-openssh-known-hosts | 76 |
1 files changed, 42 insertions, 34 deletions
diff --git a/update-openssh-known-hosts b/update-openssh-known-hosts
index 6d72663..9eee3ec 100755
--- a/update-openssh-known-hosts
+++ b/update-openssh-known-hosts
@@ -25,23 +25,24 @@ CACHEDIR=${CACHEDIR:-/var/cache/openssh-known-hosts}
 LOCK=${LOCK:-/var/lock/openssh-known-hosts}
 OUTFILE=${OUTFILE:-/var/lib/openssh-known-hosts/ssh_known_hosts}
+readonly CONFDIR PLUGIN_PATH CACHEDIR LOCK OUTFILE
+
 path_search () {
- search="$1"
- shift
- local IFS
- IFS=:
- set -- $@
+ local search=$1
+ local -a pathlist
+ IFS=: read -ra pathlist <<< "$2"
+
 if [[ ${search} =~ / ]]; then
 echo "${search}"
 return 0
 fi
- for path; do
+ for path in "${pathlist[@]}"; do
 if [ -f "${path}/${search}" ]; then
 echo "${path}/${search}"
 return 0
 fi
 done
- echo "'${search}' not found in '$*'!" >&2
+ echo "'${search}' not found in '$2'!" >&2
 exit 127
 }
@@ -51,6 +52,36 @@ cleanup () {
 lockfile-remove "${LOCK}"
 }
+download_source () (
+ local sourcename=$1
+ local sourcefile=$2
+
+ cd "${CACHEDIR}/${sourcename}"
+ set -a
+ . "${sourcefile}"
+ set +a
+ # shellcheck disable=SC2091
+ $(path_search "$PLUGIN" "$PLUGIN_PATH") >| log 2>&1 || {
+ exitcode=$?
+ rm -f new
+ ignore=''
+ for e in ${EXIT_IGNORE:-0}; do
+ if [[ $e = "$exitcode" ]]; then
+ ignore=1
+ break
+ fi
+ done
+ if [ -z "$ignore" ] || [ "$fail" ]; then
+ echo "${source} exited with code ${exitcode}, log follows:"
+ cat log
+ echo
+ fi
+ if [ "$fail" ]; then
+ exit 1
+ fi
+ } >&2
+)
+
 if [ $# -eq 1 ] && [ "$1" = "-f" ]; then
 fail=1
 else
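Review bot: An empty entry in `$2` (a leading or doubled colon) survives `IFS=: read -ra pathlist`, so in the `for path in "${pathlist[@]}"` loop the `-f` test probes `/${search}` at the filesystem root, and the caller then runs whatever path is printed. Skipping empty entries with `[[ -n ${path} ]] || continue` as the first statement of the loop keeps the lookup inside the configured plugin directories. `path` is also the one variable in the rewritten `path_search` that is not declared `local`; adding `local path` next to `local -a pathlist` would match the other two.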
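Review bot: The `cd "${CACHEDIR}/${sourcename}"` at the top of `download_source` is unchecked, so if the directory is missing or unreadable the subshell keeps running in the caller's directory, where `>| log` and `rm -f new` then write and delete files. Unless `set -e` is active outside the visible hunks, it should read `cd "${CACHEDIR}/${sourcename}" || exit 1`. The failure message still expands `${source}`, the caller's loop variable, rather than the function's own parameter; `echo "${sourcename} exited with code ${exitcode}, log follows:"` keeps the function self-contained. A header comment stating that `${sourcefile}` is sourced and its `PLUGIN` executed with the script's privileges would document why the sources directory has to stay writable by trusted users only.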
@@ -68,33 +99,10 @@ cd "${CACHEDIR}"
 find -mindepth 2 -maxdepth 2 -type f -name new -delete
-run-parts --list "${CONFDIR}/sources/" | while read sourcefile; do
+run-parts --list "${CONFDIR}/sources/" | while read -r sourcefile; do
 source=${sourcefile##*/}
 mkdir -p "${source}"
- (
- set -a
- cd "${source}"
- . "${sourcefile}"
- $(path_search "$PLUGIN" "$PLUGIN_PATH") >| log 2>&1 || {
- exitcode=$?
- rm -f new
- ignore=''
- for e in ${EXIT_IGNORE:-0}; do
- if [[ $e = "$exitcode" ]]; then
- ignore=1
- break
- fi
- done
- if [ -z "$ignore" -o "$fail" ]; then
- echo "${source} exited with code ${exitcode}, log follows:"
- cat log
- echo
- fi
- if [ "$fail" ]; then
- exit 1
- fi
- } >&2
- ) || exit 1
+ download_source "${source}" "${sourcefile}"
 if [ -e "${source}/new" ]; then
 mv "${source}/new" "${source}/current"
 fi
@@ -107,8 +115,8 @@ run-parts --list "${CONFDIR}/sources/" | while read sourcefile; do
 unset filter[$i]
 fi
 done
- while read hostlist rest; do
- IFS=, read -a hostarray <<<"$hostlist"
+ while read -r hostlist rest; do
+ IFS=, read -ra hostarray <<<"$hostlist"
 new_hostlist=''
 for host in "${hostarray[@]}"; do
 for rule in "${filter[@]}"; do |
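Review bot: The new call `download_source "${source}" "${sourcefile}"` drops the `|| exit 1` that followed the removed inline subshell, so the `exit 1` taken inside `download_source` when `$fail` is set now ends only the function's subshell. The loop then carries on to the `-e "${source}/new"` check and whatever follows it. Unless `set -e` is enabled outside the visible hunks, `-f` no longer stops at the first failing source; `download_source "${source}" "${sourcefile}" || exit 1` restores the previous behaviour. The `while` loop body continues past the end of this hunk.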