work around files permission issue for key writing.

jonhadfield · Jun 25, 2016 · 3d6e953 · 3d6e953
1 parent e2af3a2
commit 3d6e953
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/lib/creds/ssh/__init__.py b/lib/creds/ssh/__init__.py
@@ -3,7 +3,7 @@
 
 import os
 import shlex
-from creds.utils import execute_command
+from creds.utils import execute_command, random_string
 from creds.ssh.public_key import PublicKey
 
 
@@ -20,11 +20,14 @@ def read_authorized_keys(username=None):
 def write_authorized_keys(user=None):
     authorized_keys = list()
     authorized_keys_dir = '{0}/.ssh'.format(os.path.expanduser('~{0}'.format(user.name)))
+    rnd_chars = random_string()
+    tmp_authorized_keys_dir = '{0}'.format(os.path.expanduser('~'))
     authorized_keys_path = '{0}/authorized_keys'.format(authorized_keys_dir)
+    tmp_authorized_keys_path = '{0}/authorized_keys_{1}'.format(tmp_authorized_keys_dir, rnd_chars)
     if not os.path.isdir(authorized_keys_dir):
-        # os.makedirs(authorized_keys_dir)
         execute_command(shlex.split(str('sudo mkdir -p {0}'.format(authorized_keys_dir))))
     for key in user.public_keys:
         authorized_keys.append(key.raw)
-    with open(authorized_keys_path, mode='w+') as keys_file:
+    with open(tmp_authorized_keys_path, mode='w+') as keys_file:
         keys_file.writelines(authorized_keys)
+    execute_command(shlex.split(str('sudo cp {0} {1}'.format(tmp_authorized_keys_path, authorized_keys_path))))
diff --git a/lib/creds/utils.py b/lib/creds/utils.py
@@ -4,7 +4,8 @@
 
 import base64
 import subprocess
-
+import random
+import string
 from external.six import six
 
 
@@ -13,6 +14,9 @@ def execute_command(command=None):
     return process.communicate()
 
 
+def random_string(length=10):
+    ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(length))
+
 def base64encode(_input=None):
     if six.PY2:
         return base64.b64encode(_input)