From a1742bdd3177d70ec1f5fde58f9435e82793e1ee Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Mon, 5 Jun 2023 16:37:34 -0700 Subject: meta-google: authorized-keys-comp: Fix shellcheck issues Change-Id: I31aa8a608e404e50325569fdd97617033d4f3edf Signed-off-by: William A. Kennington III --- .../ssh/authorized-keys-comp/authorized-keys-comp.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh index caff0a7a46..836ec70b6f 100644 --- a/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh +++ b/meta-google/recipes-google/ssh/authorized-keys-comp/authorized-keys-comp.sh @@ -3,12 +3,12 @@ shopt -s nullglob # We want to iterate over all system users, check if they are opted-in to ssh # authorized_keys building, and then construct their keyfile -for user in $(cut -d':' -f1 /etc/passwd); do - home="$(eval echo ~$user)" || continue - link="$(readlink $home/.ssh/authorized_keys 2>/dev/null)" || continue +while read -r user; do + home="$(eval echo "~$user")" || continue + link="$(readlink "$home"/.ssh/authorized_keys 2>/dev/null)" || continue # Users are only opted-in if they symlink to our well-known directory where # the final output of this script lives. - if [ "$link" != "/run/authorized_keys/$user" ]; then + if [[ $link != "/run/authorized_keys/$user" ]]; then echo "Ignoring $user $home/.ssh/authorized_keys" >&2 continue fi @@ -46,6 +46,6 @@ for user in $(cut -d':' -f1 /etc/passwd); do cat "${basemap[$key]}" >>/run/authorized_keys.tmp done mkdir -p /run/authorized_keys - mv /run/authorized_keys.tmp /run/authorized_keys/$user - chown $user /run/authorized_keys/$user -done + mv /run/authorized_keys.tmp /run/authorized_keys/"$user" + chown "$user" /run/authorized_keys/"$user" +done < <(cut -d':' -f1 /etc/passwd) -- cgit v1.2.3