#!/bin/bash
#
# autofs(5) executable map for /var/pl_sshd/keys/
#
# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2004 The Trustees of Princeton University
#
# $Id: auto.pl_sshd,v 1.3 2004/10/04 22:20:11 mlhuang Exp $
#

usage()
{
    echo "usage: $0 slice" >/dev/stderr
    exit 1
}

[ -z "$1" ] && usage
slice="$1"

# Try real home directory first
eval home="~$slice"
if [ -f "$home/.ssh/authorized_keys" ] ; then
    echo "--bind,-r :$home/.ssh"
    exit 0
fi

# Try virtual server home directory next
vbase=/vservers/$slice
keyfile=/home/$slice/.ssh/authorized_keys

echo -n "Retrieving SSH keys for $slice... " >/dev/stderr

keydata=`curl -s \
    --fail \
    --max-time 15 \
    "http://localhost:815/keys?slice=$slice"`

rc=$?
if [ "$rc" -ne 0 ] ; then
    echo "curl failed with error $rc." >/dev/stderr
    exit $rc
fi

# write the keyfile while running as the slice user, this prevents
# various potential exploits
su - $slice >/dev/null 2>&1 <<EOF
install -d -m 700 ${keyfile%/*}
touch $keyfile
chmod 600 $keyfile
echo $keydata >$keyfile
EOF

if [ "`cat $vbase$keyfile 2>/dev/null`" != "$keydata" ]; then
    echo "unable to write $vbase$keyfile." >/dev/stderr
    exit 1
fi

echo "succeeded." >/dev/stderr

echo "--bind,-r :$vbase/home/$slice/.ssh"
exit 0