From a84d3cb7e9659b57ad3bbca6cc894a46fbf741fd Mon Sep 17 00:00:00 2001 From: Joel Klinghed Date: Wed, 4 Jun 2025 00:11:41 +0200 Subject: Make integration actually work Add logs Add remote keys for each user --- server/src/authorized_keys.rs | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'server/src/authorized_keys.rs') diff --git a/server/src/authorized_keys.rs b/server/src/authorized_keys.rs index 21651ef..81885b3 100644 --- a/server/src/authorized_keys.rs +++ b/server/src/authorized_keys.rs @@ -1,9 +1,11 @@ use futures::stream::TryStreamExt; +use log::{error, info}; use rocket::fairing::{self, AdHoc}; use rocket::serde::Deserialize; use rocket::{Build, Rocket}; use rocket_db_pools::{sqlx, Database}; use std::borrow::Cow; +use std::os::unix::fs::MetadataExt; use std::path::{Path, PathBuf}; use std::sync::Mutex; use tokio::fs; @@ -86,8 +88,18 @@ impl AuthorizedKeys { let tmp = path.with_extension("new"); fs::write(&tmp, content.as_bytes()).await?; + if let Ok(metadata) = fs::metadata(path).await { + // Try to replicate ownership and permissions of original file + fs::set_permissions(&tmp, metadata.permissions()) + .await + .unwrap_or(()); + std::os::unix::fs::chown(&tmp, Some(metadata.uid()), Some(metadata.gid())) + .unwrap_or(()); + } fs::rename(tmp, path).await?; + info!("Updated {path:?}, {} keys", keys.len()); + Ok(()) } } @@ -127,7 +139,10 @@ async fn setup_users(rocket: Rocket) -> fairing::Result { Some(roots) => match Db::fetch(&rocket) { Some(db) => match setup_users_keys(roots, config, db).await { Ok(_) => Ok(rocket), - Err(_) => Err(rocket), + Err(e) => { + error!("{e:?}"); + Err(rocket) + } }, None => Err(rocket), }, -- cgit v1.2.3-70-g09d2