summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Silverstone <daniel.silverstone@codethink.co.uk>2014-03-26 14:06:59 (GMT)
committerDaniel Silverstone <daniel.silverstone@codethink.co.uk>2014-03-26 14:06:59 (GMT)
commitf4e7fe150807d12f808ee7b82c1d7f700c0b99b3 (patch)
tree6ddcbee5cde6cf68406d0fa1be73bb9949d099f1
parent6449d723aa1327017baaf48b82650f0d125c0508 (diff)
downloadbaserock-chroot-f4e7fe150807d12f808ee7b82c1d7f700c0b99b3.tar.gz
Forward SSH authentication agent and enable ssh in chroot.
The SSH authentication agent is supported by a pairing of a socket and an environment variable. This patch ensures that no matter where the agent socket might be, a new socket in /tmp (always shared with the chroot) is made and forwarded into the chroot's environment via 'env'
-rwxr-xr-xenter-baserock18
1 files changed, 17 insertions, 1 deletions
diff --git a/enter-baserock b/enter-baserock
index d133364..4ce2b52 100755
--- a/enter-baserock
+++ b/enter-baserock
@@ -38,4 +38,20 @@ if test "x$CHOSEN" = "x"; then
fi
cd /
-exec sudo -H schroot -c "baserock-$CHOSEN"
+
+if test "x$SSH_AUTH_SOCK" != "x"; then
+ echo "Forwarding SSH agent into chroot"
+ TDIR=$(mktemp --tmpdir=/tmp -d)
+ SOCK="${TDIR}/auth-sock"
+ socat "UNIX-LISTEN:${SOCK},fork" "UNIX-CONNECT:${SSH_AUTH_SOCK}" >/dev/null 2>/dev/null &
+ SOCAT_PID=$!
+ cleanup () {
+ echo "Clearing up SSH agent forwarding"
+ kill $SOCAT_PID >/dev/null 2>/dev/null
+ rm -rf "${TDIR}"
+ }
+ trap cleanup 0
+ sudo -H schroot -c "baserock-$CHOSEN" -- /usr/bin/env "SSH_AUTH_SOCK=$SOCK" /bin/bash -l
+else
+ exec sudo -H schroot -c "baserock-$CHOSEN"
+fi