-#!/bin/bash -l
+#!/bin/bash
# Copyright (C) 2016 Ian Kelling
-# This program is under GPL v. 3 or later, see <http://www.gnu.org/licenses/>
-if s test -e /q/root/.ssh; then
- s lnf /q/root/.ssh /root
-else
- mkdir /root/.ssh
-fi
-s cp -rL $(eval echo ~${SUDO_USER:-$USER})/.ssh/* /root/.ssh
-s chown -R root:root /root/.ssh
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
+
+dest=/root/.ssh
+
+# leftover
+if [[ -L $dest ]]; then
+ rm $dest
+fi
+mkdir -p $dest
+chmod 700 $dest
+
+user=$(id -un)
+if [[ $SUDO_USER ]]; then
+ user=$SUDO_USER
+fi
+
+user_ssh_dir=$(eval echo ~$user)/.ssh
+if [[ ! -s $user_ssh_dir/authorized_keys ]]; then
+ echo missing $user_ssh_dir/authorized_keys. bad sign. bailing >&2
+ exit 1
+fi
+
+# remove broken links, or else rsync has error about them.
+find $user_ssh_dir -xtype l -exec rm '{}' \;
+# -t times, so it won't rewrite the file every time,
+# -L resolve links
+rsync -rtL --delete $user_ssh_dir/ $dest
+chown -R root:root /root/.ssh
+
+
+d=/etc/initramfs-tools
+if [[ -e $d ]] && ! diff -q /root/.ssh/authorized_keys $d/root/.ssh/authorized_keys &>/dev/null; then
+ mkdir -p $d/root/.ssh /etc/dropbear-initramfs
+ chmod 700 $d/root $d/root/.ssh
+ cp -p /root/.ssh/authorized_keys $d/root/.ssh/authorized_keys
+ cp -p /root/.ssh/authorized_keys /etc/dropbear-initramfs
+ update-initramfs -u -k all
+fi
iankelling.org / git / distro-setup / blobdiff