/usr/share/gitolite/gl-setup-authkeys is in gitolite 2.3-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 | #!/usr/bin/perl -w
# documentation for this program is right here, please read
# IMPORTANT: also see usage notes below
# BACKGROUND/PURPOSE:
# - an external program populates "keydir" with *all* keys and then
# calls this program, giving "keydir" as arg-1
# - we then call gitolite.pm's "setup_authkeys" function to do its thing
# arg-1: keydir
# DISCUSSION:
#
# For now, we will assume *all* the keys are in the keydir passed. The
# setup_authkeys routine factored out from the old gl-compile-conf is not
# setup to take a partial set of keys and create the ~/.ssh/authorized_keys
# file.
#
# Also, there are issues to do with *deleted* keys that need to be taken care
# of.
#
# All in all, unless it is shown to be quite inefficient, I'd much prefer
# processing *all* keys each time there is a change.
use strict;
use warnings;
use FindBin;
BEGIN { $ENV{GL_BINDIR} = $FindBin::Bin; }
use lib $ENV{GL_BINDIR};
use gitolite_rc;
use gitolite;
use Getopt::Long;
my $batch = 0;
GetOptions('batch' => \$batch);
# prevent newbie from running it accidentally and clobbering his authkeys file!
unless ($batch) {
print STDERR "
This is a cronnable, batchable, program to rewrite ~/.ssh/authorized_keys
using public keys in a given directory. You MUST make sure you run the
one that is in the same directory as that used by gl-auth-command (and for
what that is, see ~/.ssh/authorized_keys).
This should work:
gl-setup-authkeys -batch keydir
where 'keydir' contains a bunch of '*.pub' files.\n\n";
exit 1;
}
# quick sanity check and run
my $keydir = shift or die "I need a directory name\n";
-d $keydir or die "$keydir should be a directory\n";
setup_authkeys($keydir);
|