From 4d7a9886184d73dca57fa531a83bb6dc9f51e07c Mon Sep 17 00:00:00 2001
From: Patrick Van der Veken
Date: Fri, 25 Jul 2025 21:15:13 +0200
Subject: [PATCH] Add logic to create $HOME/.ssh if not exists, but only as user root.
---
 update_ssh.pl | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/update_ssh.pl b/update_ssh.pl
index 8003965..b82da94 100644
--- a/update_ssh.pl
+++ b/update_ssh.pl
@@ -42,7 +42,7 @@ use Pod::Usage;
 # ------------------------- CONFIGURATION starts here -------------------------
 # define the version (YYYY-MM-DD)
-my $script_version = "2025-04-27";
+my $script_version = "2025-07-25";
 # name of global configuration file (no path, must be located in the script directory)
 my $global_config_file = "update_ssh.conf";
 # name of localized configuration file (no path, must be located in the script directory)
@@ -720,8 +720,20 @@ SET_KEY: foreach my $account (sort (@accounts)) {
 if ($access{$account}) {
 unless ($preview) {
- # do not create root or intermediate paths in $access_file;
- # e.g. if $HOME/.ssh/authorized_keys is the public key path, then $HOME/.ssh must already exist
+ # create $HOME/.ssh if needed but only when we are root
+ if ($key_location eq 'use_sshd' and defined ($authorizedkeys_option)) {
+ if ($> == 0) {
+ if (! -d "$home_dir/.ssh") {
+ mkdir ("$home_dir/.ssh", 0700)
+ or do_log "ERROR: failed to create the $home_dir/.ssh directory [$!/$hostname]"
+ and next SET_KEY;
+ chown ($uid, $gid, "$home_dir/.ssh")
+ or do_log "ERROR: failed to set onwerships on the $home_dir/.ssh directory [$!/$hostname]"
+ and next SET_KEY;
+ do_log ("DEBUG: created directory $home_dir/.ssh for $account [$hostname]");
+ }
+ }
+ }
 open (KEYFILE, "+>", $access_file)
 or do_log ("ERROR: cannot open file for writing at $access_file [$!/$hostname]")
 and next SET_KEY;
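Review bot: In the second hunk (`@@ -720,8 +720,20 @@`) the new `mkdir`/`chown` pair runs as root on a path inside the account's own home directory, and the `-d` test, the `mkdir` and the `chown` each resolve `$home_dir/.ssh` by name again; `chown` follows symlinks, so if that entry changes between the calls, root hands ownership of whatever it then points to over to the account. Creating the directory under the account's effective IDs removes the need for a root `chown` by path, e.g. `local $) = "$gid $gid"; local $> = $uid;` at the top of the `if (! -d ...)` block ahead of the `mkdir`, with the `chown` dropped. The two error paths also call `do_log "..."` without parentheses while the rest of the hunk uses `do_log (...)`; that form only parses if `do_log` is declared earlier in the file, and because `and` binds tighter than `or`, `next SET_KEY` runs only when `do_log` returns true, so an explicit `unless (mkdir ...) { do_log (...); next SET_KEY; }` would be safer. The second message has a typo, "onwerships". `$uid`, `$gid` and `$home_dir` are set outside the hunk, so this assumes they belong to `$account`.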