- auth_keys = os.path.join(dot_ssh,'authorized_keys')
- logger.log("new keys = %s" % auth_keys)
- fd, fname = tempfile.mkstemp('','authorized_keys',dot_ssh)
-
- for key in new_keys:
- os.write(fd,key)
- os.write(fd,'\n')
-
- os.close(fd)
- if os.path.exists(auth_keys):
- os.unlink(auth_keys)
- os.rename(fname,auth_keys)
-
- # set permissions properly
- os.chmod(dot_ssh, 0700)
- os.chown(dot_ssh, uid,gid)
- os.chmod(auth_keys, 0600)
- os.chown(auth_keys, uid,gid)
-
- logger.log('specialacounts: installed ssh keys for %s' % name)
+ auth_keys = os.path.join(dot_ssh, 'authorized_keys')
+
+ # catenate all keys in string, add newlines just in case (looks like keys already have this, but)
+ auth_keys_contents = '\n'.join(new_keys)+'\n'
+
+ changes = tools.replace_file_with_string(auth_keys, auth_keys_contents)
+ if changes:
+ logger.log("specialaccounts: keys file changed: %s" % auth_keys)
+
+ # always set permissions properly
+ os.chmod(dot_ssh, 0o700)
+ os.chown(dot_ssh, uid, gid)
+ os.chmod(auth_keys, 0o600)
+ os.chown(auth_keys, uid, gid)
+
+ logger.log('specialaccounts: installed ssh keys for %s' % name)