1 # $OpenBSD: agent-getpeereid.sh,v 1.4 2007/11/25 15:35:09 jmc Exp $ 2 # Placed in the Public Domain. 3 4 tid="disallow agent attach from other uid" 5 6 UNPRIV=nobody 7 ASOCK=${OBJ}/agent 8 SSH_AUTH_SOCK=/nonexistent 9 10 if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then 11 : 12 else 13 echo "skipped (not supported on this platform)" 14 exit 0 15 fi 16 if [ -z "$SUDO" ]; then 17 echo "skipped: need SUDO to switch to uid $UNPRIV" 18 exit 0 19 fi 20 21 22 trace "start agent" 23 eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null 24 r=$? 25 if [ $r -ne 0 ]; then 26 fail "could not start ssh-agent: exit code $r" 27 else 28 chmod 644 ${SSH_AUTH_SOCK} 29 30 ssh-add -l > /dev/null 2>&1 31 r=$? 32 if [ $r -ne 1 ]; then 33 fail "ssh-add failed with $r != 1" 34 fi 35 36 < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null 37 r=$? 38 if [ $r -lt 2 ]; then 39 fail "ssh-add did not fail for ${UNPRIV}: $r < 2" 40 fi 41 42 trace "kill agent" 43 ${SSHAGENT} -k > /dev/null 44 fi 45 46 rm -f ${OBJ}/agent 47
