simplified handling of SSH agent handling, obsoleted DO_SLAVE_SSH_AGENT option (VRF 1.5.1) [Patrick Van der Veken]

2015-10-10 21:15:16 +02:00 · 2015-10-10 21:15:16 +02:00 · 554661e502
commit 554661e502
parent 50c62d7a4b
2 changed files with 11 additions and 42 deletions
--- a/manage_sudo.conf
+++ b/manage_sudo.conf
@ -51,11 +51,8 @@ SSH_KEYSCAN_ARGS="-t rsa"
 # whether to start an SSH agent process for the master->client operations [0=No; 1=Yes]
 DO_SSH_AGENT=0

-# whether to start an SSH agent process for the master->slave->client operations [0=No; 1=Yes]
-DO_SSH_SLAVE_AGENT=0
-
 # location of the SSH private key that should be added to the SSH agent process
-# must be a passphrase-less key (required when using DO_SSH_AGENT, DO_SSH_SLAVE_AGENT)
+# must be a passphrase-less key (required when using DO_SSH_AGENT)
 SSH_PRIVATE_KEY="$HOME/.ssh/id_rsa"

 # maximum number of background process to spawn (~maxuprc, ~nstrpty etc)
--- a/manage_sudo.sh
+++ b/manage_sudo.sh
@ -59,6 +59,8 @@
 # @(#) 2015-10-03: added --slave option, 3 new configuration parameters & supporting
 # @(#)             functions for master->slave operations, several bug fixes including
 # @(#)             sudoers.d ownerships on HP-UX (VRF 1.5.0) [Patrick Van der Veken]
+# @(#) 2015-10-09: simplified handling of SSH agent handling, obsoleted
+# @(#)             DO_SLAVE_SSH_AGENT option (VRF 1.5.1) [Patrick Van der Veken]
 # -----------------------------------------------------------------------------
 # DO NOT CHANGE THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING!
 #******************************************************************************
@ -72,7 +74,7 @@
 # or LOCAL_CONFIG_FILE instead

 # define the V.R.F (version/release/fix)
-MY_VRF="1.5.0"
+MY_VRF="1.5.1"
 # name of the global configuration file (script)
 GLOBAL_CONFIG_FILE="manage_sudo.conf"
 # name of the local configuration file (script)
@ -172,12 +174,6 @@ then
    print -u2 "ERROR:no value for the DO_SSH_AGENT setting in the configuration file"
    exit 1
 fi
-# DO_SSH_SLAVE_AGENT
-if [[ -z "${DO_SSH_SLAVE_AGENT}" ]]
-then
-    print -u2 "ERROR:no value for the DO_SSH_SLAVE_AGENT setting in the configuration file"
-    exit 1
-fi
 # MAX_BACKGROUND_PROCS
 if [[ -z "${MAX_BACKGROUND_PROCS}" ]]
 then
@ -392,10 +388,10 @@ then
    CAN_DISCOVER_KEYS=0
 fi
 # check for SSH agent pre-requisites
-if (( DO_SSH_AGENT || DO_SSH_SLAVE_AGENT ))
+if (( DO_SSH_AGENT ))
 then
    # ssh-agent
-    which ssh-agent 2>/dev/null
+    which ssh-agent >/dev/null 2>/dev/null
    if (( $? ))
    then
        print -u2 "WARN: ssh-agent not available on ${HOST_NAME}"
@ -1449,14 +1445,6 @@ case ${ARG_ACTION} in
                die "problem with launching an SSH agent, bailing out"
            fi
        fi
-        if (( DO_SLAVE && DO_SSH_SLAVE_AGENT && CAN_START_AGENT ))
-        then
-            start_ssh_agent
-            if (( $? ))
-            then
-                die "problem with launching an SSH agent, bailing out"
-            fi
-        fi
        # build clients list (in array)
        cat "${TARGETS_FILE}" | grep -v -E -e '^#' -e '^$' |\
        {
@ -1497,7 +1485,7 @@ case ${ARG_ACTION} in
        wait_for_children ${PIDS} || \
            warn "$? background jobs (possibly) failed to complete correctly"
        # stop SSH agent if needed
-        (( ( DO_SSH_AGENT || ( DO_SLAVE && DO_SSH_SLAVE_AGENT )) && CAN_START_AGENT )) && \
+        (( DO_SSH_AGENT && CAN_START_AGENT )) && \
            stop_ssh_agent
        log "finished applying SUDO controls remotely"
        ;;
@ -1513,14 +1501,6 @@ case ${ARG_ACTION} in
                die "problem with launching an SSH agent, bailing out"
            fi
        fi
-        if (( DO_SLAVE && DO_SSH_SLAVE_AGENT && CAN_START_AGENT ))
-        then
-            start_ssh_agent
-            if (( $? ))
-            then
-                die "problem with launching an SSH agent, bailing out"
-            fi
-        fi
        # build clients list (in array)
        cat "${TARGETS_FILE}" | grep -v -E -e '^#' -e '^$' |\
        {
@ -1561,7 +1541,7 @@ case ${ARG_ACTION} in
        wait_for_children ${PIDS} || \
            warn "$? background jobs (possibly) failed to complete correctly"
        # stop SSH agent if needed
-        (( ( DO_SSH_AGENT || ( DO_SLAVE && DO_SSH_SLAVE_AGENT )) && CAN_START_AGENT )) && \
+        (( DO_SSH_AGENT && CAN_START_AGENT )) && \
            stop_ssh_agent
        log "finished copying/distributing SUDO controls"
        ;;
@ -1726,14 +1706,6 @@ case ${ARG_ACTION} in
                die "problem with launching an SSH agent, bailing out"
            fi
        fi
-        if (( DO_SLAVE && DO_SSH_SLAVE_AGENT && CAN_START_AGENT ))
-        then
-            start_ssh_agent
-            if (( $? ))
-            then
-                die "problem with launching an SSH agent, bailing out"
-            fi
-        fi
        # derive SUDO controls repo from $REMOTE_DIR:
        # /etc/sudo_controls/holding -> /etc/sudo_controls
        FIX_DIR="$(print ${REMOTE_DIR%/*})"
@ -1779,7 +1751,7 @@ case ${ARG_ACTION} in
        wait_for_children ${PIDS} || \
            warn "$? background jobs (possibly) failed to complete correctly"
        # stop SSH agent if needed
-        (( ( DO_SSH_AGENT || ( DO_SLAVE && DO_SSH_SLAVE_AGENT )) && CAN_START_AGENT )) && \
+        (( DO_SSH_AGENT && CAN_START_AGENT )) && \
            stop_ssh_agent
        log "finished applying fixes to the remote SUDO control repository"
        ;;