diff options
author | Daniel Silverstone <daniel.silverstone@codethink.co.uk> | 2014-03-26 14:06:59 +0000 |
---|---|---|
committer | Daniel Silverstone <daniel.silverstone@codethink.co.uk> | 2014-03-26 14:06:59 +0000 |
commit | f4e7fe150807d12f808ee7b82c1d7f700c0b99b3 (patch) | |
tree | 6ddcbee5cde6cf68406d0fa1be73bb9949d099f1 | |
parent | 6449d723aa1327017baaf48b82650f0d125c0508 (diff) | |
download | baserock-chroot-f4e7fe150807d12f808ee7b82c1d7f700c0b99b3.tar.gz |
Forward SSH authentication agent and enable ssh in chroot.
The SSH authentication agent is supported by a pairing of a socket and an
environment variable. This patch ensures that no matter where the agent socket
might be, a new socket in /tmp (always shared with the chroot) is made and
forwarded into the chroot's environment via 'env'
-rwxr-xr-x | enter-baserock | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/enter-baserock b/enter-baserock index d133364..4ce2b52 100755 --- a/enter-baserock +++ b/enter-baserock @@ -38,4 +38,20 @@ if test "x$CHOSEN" = "x"; then fi cd / -exec sudo -H schroot -c "baserock-$CHOSEN" + +if test "x$SSH_AUTH_SOCK" != "x"; then + echo "Forwarding SSH agent into chroot" + TDIR=$(mktemp --tmpdir=/tmp -d) + SOCK="${TDIR}/auth-sock" + socat "UNIX-LISTEN:${SOCK},fork" "UNIX-CONNECT:${SSH_AUTH_SOCK}" >/dev/null 2>/dev/null & + SOCAT_PID=$! + cleanup () { + echo "Clearing up SSH agent forwarding" + kill $SOCAT_PID >/dev/null 2>/dev/null + rm -rf "${TDIR}" + } + trap cleanup 0 + sudo -H schroot -c "baserock-$CHOSEN" -- /usr/bin/env "SSH_AUTH_SOCK=$SOCK" /bin/bash -l +else + exec sudo -H schroot -c "baserock-$CHOSEN" +fi |