Commit 4fd8e44b authored by Jacob Vosmaer's avatar Jacob Vosmaer

Remove keys from authorized_keys in-place

This will speed up the rm-key operation. The downside is that
authorized_keys will not shrink when you remove a key. If this ever
becomes a problem it can be fixed by running 'rake gitlab:shell:setup'.
parent 4d30c0c5
v2.6.4
- Remove keys from authorized_keys in-place
v2.6.3
- Prevent keys with a very specific comment from accidentally being deleted.
......
require 'tempfile'
require 'timeout'
require_relative 'gitlab_config'
......@@ -82,15 +81,15 @@ class GitlabKeys
def rm_key
lock do
$logger.info "Removing key #{@key_id}"
Tempfile.open('authorized_keys') do |temp|
open(auth_file, 'r+') do |current|
current.each do |line|
temp.puts(line) unless line.start_with?("command=\"#{key_command(@key_id)}\"")
open(auth_file, 'r+') do |f|
while line = f.gets do
next unless line.start_with?("command=\"#{key_command(@key_id)}\"")
f.seek(-line.length, IO::SEEK_CUR)
# Overwrite the line with #'s. Because the 'line' variable contains
# a terminating '\n', we write line.length - 1 '#' characters.
f.write('#' * (line.length - 1))
end
end
temp.close
FileUtils.cp(temp.path, auth_file)
end
end
true
end
......
......@@ -109,17 +109,19 @@ describe GitlabKeys do
it "removes the right line" do
create_authorized_keys_fixture
other_line = "command=\"#{ROOT_PATH}/bin/gitlab-shell key-742\",options ssh-rsa AAAAB3NzaDAxx2E"
delete_line = "command=\"#{ROOT_PATH}/bin/gitlab-shell key-741\",options ssh-rsa AAAAB3NzaDAxx2E"
open(tmp_authorized_keys_path, 'a') do |auth_file|
auth_file.puts "command=\"#{ROOT_PATH}/bin/gitlab-shell key-741\",options ssh-rsa AAAAB3NzaDAxx2E"
auth_file.puts delete_line
auth_file.puts other_line
end
gitlab_keys.send :rm_key
File.read(tmp_authorized_keys_path).should == "existing content\n#{other_line}\n"
erased_line = delete_line.gsub(/./, '#')
File.read(tmp_authorized_keys_path).should == "existing content\n#{erased_line}\n#{other_line}\n"
end
context "without file writing" do
before do
Tempfile.stub(:open)
gitlab_keys.stub(:open)
gitlab_keys.stub(:lock).and_yield
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment