From f4e7fe150807d12f808ee7b82c1d7f700c0b99b3 Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <daniel.silverstone@codethink.co.uk>
Date: Wed, 26 Mar 2014 14:06:59 +0000
Subject: Forward SSH authentication agent and enable ssh in chroot.

The SSH authentication agent is supported by a pairing of a socket and an
environment variable.  This patch ensures that no matter where the agent socket
might be, a new socket in /tmp (always shared with the chroot) is made and
forwarded into the chroot's environment via 'env'
---
 enter-baserock | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'enter-baserock')

diff --git a/enter-baserock b/enter-baserock
index d133364..4ce2b52 100755
--- a/enter-baserock
+++ b/enter-baserock
@@ -38,4 +38,20 @@ if test "x$CHOSEN" = "x"; then
 fi
 
 cd /
-exec sudo -H schroot -c "baserock-$CHOSEN"
+
+if test "x$SSH_AUTH_SOCK" != "x"; then
+    echo "Forwarding SSH agent into chroot"
+    TDIR=$(mktemp --tmpdir=/tmp -d)
+    SOCK="${TDIR}/auth-sock"
+    socat "UNIX-LISTEN:${SOCK},fork" "UNIX-CONNECT:${SSH_AUTH_SOCK}" >/dev/null 2>/dev/null &
+    SOCAT_PID=$!
+    cleanup () {
+	echo "Clearing up SSH agent forwarding"
+	kill $SOCAT_PID >/dev/null 2>/dev/null
+	rm -rf "${TDIR}"
+    }
+    trap cleanup 0
+    sudo -H schroot -c "baserock-$CHOSEN" -- /usr/bin/env "SSH_AUTH_SOCK=$SOCK" /bin/bash -l
+else
+    exec sudo -H schroot -c "baserock-$CHOSEN"
+fi
-- 
cgit v1.2.1