/**
* Write SSH authorized_keys into a user homedir
*
* @param PFUser $user
*
* @return Boolean
*/
public function writeSSHKeys(PFUser $user)
{
try {
if ($user->getUnixStatus() != 'A') {
return true;
}
$ssh_dir = $user->getUnixHomeDir() . '/.ssh';
// Subtlety: between the 2 process owner change, there is no way to
// write any logs because the process is owned by a mere user but
// the log file is only writtable by codendiadm and root. So the
// exceptions... welcome to the real world Neo.
$this->changeProcessUidGidToUser($user);
$this->createSSHDirForUser($user, $ssh_dir);
$this->writeSSHFile($user, $ssh_dir);
$this->restoreRootUidGid();
$this->backend->changeOwnerGroupMode($ssh_dir, $user->getUserName(), $user->getUserName(), 0700);
$this->backend->changeOwnerGroupMode("{$ssh_dir}/authorized_keys", $user->getUserName(), $user->getUserName(), 0600);
$this->backend->log("Authorized_keys for " . $user->getUserName() . " written.", Backend::LOG_INFO);
return true;
} catch (Exception $exception) {
$this->restoreRootUidGid();
$this->backend->log($exception->getMessage(), Backend::LOG_ERROR);
return false;
}
}
/**
* Set user's uid/gid on its home directory (recursively)
*
* @param PFUser $user user to set uid/gid
*
* @return null
*/
private function setUserHomeOwnership(PFUser $user)
{
$this->recurseChownChgrp($user->getUnixHomeDir(), $user->getUserName(), $user->getUserName());
}
