Commit b91b1c23 authored by Victor Nikulshin's avatar Victor Nikulshin

Fix bad filesystem permissions of the RSA key

parent 9e2dac93
Pipeline #1706 failed with stages
......@@ -119,7 +119,7 @@ def connect():
"""
with lcd(env.workspace):
if docker_isrunning('{}_container'.format(env.project_name)):
local('ssh drupalizer@{} -i {}'.format(env.container_ip, h.fab_path('docker/ssh/id_rsa')))
local('ssh drupalizer@{} -i {}'.format(env.container_ip, h.fab_ssh_key()))
else:
print(red('Docker container {}_container is not running, it should be running to be able to connect.'))
......
......@@ -70,7 +70,7 @@ def fab_run(role="local", cmd=""):
if role == "local":
return local(cmd)
else:
with settings(key_filename=fab_path("docker/ssh/id_rsa")):
with settings(key_filename=fab_ssh_key()):
return run(cmd)
......@@ -212,3 +212,15 @@ def fab_path(filename):
"""
path = os.path.dirname(os.path.abspath(__file__))
return os.path.abspath('{0}/{1}'.format(path, filename))
def fab_ssh_key():
"""
Returns the full path to default RSA key for SSH connections.
This helper checks and (if necessary) fixes filesystem permissions on the
RSA key file to make sure that SSH does not ignore keys accessible by other
users.
"""
path = fab_path('docker/ssh/id_rsa')
local('chmod 600 {}'.format(path))
return path
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment