begin to implement user service

author: Andrew Cady <d@jerkface.net> 2023-05-27 15:55:07 -0400
committer: Andrew Cady <d@jerkface.net> 2023-05-27 15:55:07 -0400
commit: f2ac2fe76e6d8fcad24daa1f8c16e207e95465f1 (patch)
tree: cb512e4ccc8c66f24ed2619b40f6a9e355e2f92e /src
parent: c9316cfc8e206a54973976eae71649007eef2720 (diff)
3 files changed, 40 insertions, 0 deletions
diff --git a/src/endofossil b/src/endofossil
new file mode 100644
index 0000000..401806f
--- /dev/null
+++ b/src/endofossil
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+IFS=/ read n pid uid <<< "$1"
+[ "$pid" ]
+authtype=
+while read -d ''
+do
+    case "${REPLY%%=*}" in
+        'SSH_USER_AUTH' ) read authtype keytype keyvalue < "${REPLY#*=}" ;;
+    esac
+done < /proc/$pid/environ
+[ "$authtype" = publickey ]
+keyhash=
+while read
+do
+    set -- $REPLY
+    if [ "$3 $5" = 'SSHFP 2' ]
+    then
+        keyhash=$6
+        break
+    fi
+done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
+[ "$keyhash" ]
+printf '%s\n' "$keyhash"
diff --git a/src/fossil-user.socket b/src/fossil-user.socket
new file mode 100644
index 0000000..eab5a51
--- /dev/null
+++ b/src/fossil-user.socket
@@ -0,0 +1,5 @@
+[Socket]
+Accept = yes
+ListenStream = /run/fossil-user.S
+SocketUser = d
+SocketMode = 0600
diff --git a/src/fossil-user@.service b/src/fossil-user@.service
new file mode 100644
index 0000000..1b70358
--- /dev/null
+++ b/src/fossil-user@.service
@@ -0,0 +1,6 @@
+[Unit]
+Description = Fossil server process
+[Service]
+StandardInput=socket
+ExecStart = endofossil '%I'
author	Andrew Cady <d@jerkface.net>	2023-05-27 15:55:07 -0400
committer	Andrew Cady <d@jerkface.net>	2023-05-27 15:55:07 -0400
commit	f2ac2fe76e6d8fcad24daa1f8c16e207e95465f1 (patch)
tree	cb512e4ccc8c66f24ed2619b40f6a9e355e2f92e /src
parent	c9316cfc8e206a54973976eae71649007eef2720 (diff)

diff --git a/src/endofossil b/src/endofossil new file mode 100644 index 0000000..401806f --- /dev/null +++ b/src/endofossil
@@ -0,0 +1,29 @@
	1	#!/bin/bash
	2	set -e
	3
	4
	5	IFS=/ read n pid uid <<< "$1"
	6	[ "$pid" ]
	7
	8	authtype=
	9	while read -d ''
	10	do
	11	case "${REPLY%%=*}" in
	12	'SSH_USER_AUTH' ) read authtype keytype keyvalue < "${REPLY#*=}" ;;
	13	esac
	14	done < /proc/$pid/environ
	15	[ "$authtype" = publickey ]
	16
	17	keyhash=
	18	while read
	19	do
	20	set -- $REPLY
	21	if [ "$3 $5" = 'SSHFP 2' ]
	22	then
	23	keyhash=$6
	24	break
	25	fi
	26	done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
	27	[ "$keyhash" ]
	28
	29	printf '%s\n' "$keyhash"


diff --git a/src/fossil-user.socket b/src/fossil-user.socket new file mode 100644 index 0000000..eab5a51 --- /dev/null +++ b/src/fossil-user.socket
@@ -0,0 +1,5 @@
	1	[Socket]
	2	Accept = yes
	3	ListenStream = /run/fossil-user.S
	4	SocketUser = d
	5	SocketMode = 0600


diff --git a/src/fossil-user@.service b/src/fossil-user@.service new file mode 100644 index 0000000..1b70358 --- /dev/null +++ b/src/fossil-user@.service
@@ -0,0 +1,6 @@
	1	[Unit]
	2	Description = Fossil server process
	3
	4	[Service]
	5	StandardInput=socket
	6	ExecStart = endofossil '%I'