Setting to disable authorized_keys backup #1856
Conversation
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
dnmgns
changed the title
|
It's seems that the disabled part also have a part that recopy line from old version (that kind of weird but maybe to keep manually added keys). I am not against also disabling that but that should be explicitly describe in description of VAR (ex: this will override manually added keys). https://github.com/dnmgns/gitea/blob/78314cc1cdbcf2ba88bcf124de578c3b830af085/models/ssh_key.go#L591 |
tboerger
added
the
lgtm/need 2
|
@sapk Yeah, seems that it has that part to save keys that has been added manually (written directly to authorized_keys file). As there's a tmp-file being created, we could just use that one for this purpose instead of the backup-file (old file). I've made some changes now, use the tmp-file for saving old keys instead (authorized_keys => tmp-file). And if backup is enabled, simply just copy the current authorized_keys file to a backup file. |
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
models/ssh_key.go
Outdated
| os.Remove(tmpPath) | ||
| }() | ||
|
|
||
| if com.IsExist(fPath) && !setting.SSH.DisableAuthorizedKeysBackup { | ||
| bakPath := fPath + fmt.Sprintf("_%d.gitea_bak", time.Now().Unix()) |
There was a problem hiding this comment.
While you're moving this line, mind changing it to
bakPath := fmt.Sprintf("%s_%d.gitea_bak", fPath, time.Now().Unix())
models/ssh_key.go
Outdated
| } | ||
|
|
||
| f.Close() | ||
| if err = os.Rename(tmpPath, fpath); err != nil { | ||
| t.Close() |
There was a problem hiding this comment.
Thanks, I thought it looked like it but I also thought that maybe it was there for a reason that I didn't know about. FYI: This wasn't introduced in this PR, closing twice also exists in master (first and last row here: https://github.com/go-gitea/gitea/blob/master/models/ssh_key.go#L568-L606)
But I can fix it in this PR.
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
|
@bkcsoft - Sent in some new commits that addresses the issues you found, also I'm changing the casing for vars from mixed to lowercase only. This seems to better follow the variable style from other functions. |
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
|
Question: why did you change the casing? |
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
|
Thanks @bkcsoft - Temporary confusion I believe :) |
conf/app.ini
Outdated
| @@ -120,6 +120,8 @@ SSH_ROOT_PATH = | |||
| SSH_KEY_TEST_PATH = | |||
| ; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call. | |||
| SSH_KEYGEN_PATH = ssh-keygen | |||
| ; Disable SSH Authorized Key Backup when rewriting all keys, default is false | |||
| SSH_DISABLE_AUTHORIZED_KEYS_BACKUP = false | |||
There was a problem hiding this comment.
I don't really like negations in configs. Would not SSH_ENABLE_AUTHORIZED_KEYS_BACKUP = true make more sense?
There was a problem hiding this comment.
There's some other negations in the config, that's simply why I choose that style. But I don't mind changing this to enable/true instead.
There was a problem hiding this comment.
I prefer enable, reading negations is sometimes hard for non-native speakers 🙂
There was a problem hiding this comment.
And actually that would just be SSH_BACKUP_AUTHORIZED_KEYS = true
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
models/ssh_key.go
Outdated
| os.Remove(tmpPath) | ||
| }() | ||
|
|
||
| if com.IsExist(fPath) && setting.SSH.AuthorizedKeysBackup { |
There was a problem hiding this comment.
It would be better: if setting.SSH.AuthorizedKeysBackup && com.IsExist(fPath) { to not check for directory existence if backup is disabled anyway, disk i/o operations are not cheap especially on rpi
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
|
|
tboerger
added
lgtm/need 1
| f, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) | ||
| fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys") | ||
| tmpPath := fPath + ".tmp" | ||
| t, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) |
There was a problem hiding this comment.
Do we still need a temp file? Since we're locking SSH access (line 324) we shouldn't need to do that :/
There was a problem hiding this comment.
Well, it seems that the lock was introduced 3 years ago in ab747f2 and temp file has been there since then. This PR doesn't introduce any new tmp file, it just updates the variable name for the already existing one. While I may investigate if the tmp file is really needed (I also guess it isn't) and make the change for this in this PR, I believe it should be part of another PR intended to fix that specific issue. Your thoughts on this?
There was a problem hiding this comment.
Temp file could actually be needed because generating new one is more time consuming than file move operation so that it would not disrupt ssh service
There was a problem hiding this comment.
Yeah I agree that it should not be part of this one. Just noting that we're still trashing disk here :)
There was a problem hiding this comment.
Ah cool, I've gotten so much great feedback here so I just thought that this was feedback as well :)
|
LGTM |
|
LGTM |
tboerger
added
lgtm/done
When using LDAP User Synchronization (#1478) with LDAP Public SSH Keys synchronization (#1844), the authorized_keys backup might be running with a quite high frequency (as it's called every time when rewriting public keys).
The system could end up with lots of backup-files causing inode issue and running out of free space.
This PR addresses this issue by giving the administrator the option to disable the authorized_keys backup when rewriting the public keys. This enables the administrator to perform the backup on his own outside of Gitea instead, or simply skip the backup as the keys are already stored in LDAP.