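#	$OpenBSD: agent-getpeereid.sh,v 1.15 2023/02/08 08:06:03 dtucker Exp $
#	Placed in the Public Domain.

# Regression test: an ssh-agent must refuse a request that arrives on its
# socket from a different uid than the one that started it.
tid="disallow agent attach from other uid"

# Account used for the cross-uid connection attempt.
UNPRIV=nobody
# Socket path handed to ssh-agent with -a.
ASOCK="${OBJ}/agent"
# Placeholder until the agent's own output is eval'd further down, which
# assigns the real socket path; presumably this also keeps an agent
# inherited from the caller's environment out of the test.
SSH_AUTH_SOCK=/nonexistent
# Start with empty logs. OBJ is quoted so a path containing whitespace
# cannot turn the redirection into an ambiguous one.
>"$OBJ/ssh-agent.log"
>"$OBJ/ssh-add.log"
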
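# Pick the privilege-switching helper used to run ssh-add as ${UNPRIV}.
# $sudo ends up non-empty when the helper is sudo and empty when it is doas;
# it is cleared first so a value inherited from the environment cannot
# select the wrong invocation style later on.
sudo=
case "x$SUDO" in
	xsudo) sudo=1;;
	xdoas|xdoas\ *) ;;
	x)
		# Nothing was configured: probe for an installed helper.
		# Two tests joined by && replace the obsolescent "-a" operator.
		if [ -x /usr/local/bin/sudo ] && [ -f /etc/sudoers ]; then
			sudo=1
			# Assign the same path that was just verified. A helper
			# that cannot be executed makes the cross-uid ssh-add
			# exit non-zero without ever contacting the agent, so
			# the refusal being tested would never be exercised.
			SUDO=/usr/local/bin/sudo
		elif [ -f /etc/doas.conf ]; then
			SUDO=/usr/bin/doas
		else
			skip "neither sudo and sudoers nor doas.conf exist"
		fi ;;
	*) fatal 'unsupported $SUDO - "doas" and "sudo" are allowed' ;;
esac
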
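trace "start agent"
# ssh-agent -s prints Bourne-shell assignments (among them SSH_AUTH_SOCK);
# eval applies them to this shell. SSHAGENT and EXTRA_AGENT_ARGS come from
# the test harness and are left unquoted because they may hold several words.
eval $(${SSHAGENT} ${EXTRA_AGENT_ARGS} -s -a "${ASOCK}") >"$OBJ/ssh-agent.log" 2>&1
r=$?
if [ $r -ne 0 ]; then
	fail "could not start ssh-agent: exit code $r"
else
	# Loosen the socket mode beyond what the agent created, presumably so
	# that file permissions are not what stops the other uid and the
	# refusal has to come from the agent's own peer-credential check.
	chmod 644 "${SSH_AUTH_SOCK}"

	# Control run as the owning uid: the agent holds no keys, so
	# "ssh-add -l" is expected to reach it and exit 1.
	${SSHADD} -vvv -l >>"$OBJ/ssh-add.log" 2>&1
	r=$?
	if [ $r -ne 1 ]; then
		fail "ssh-add failed with $r != 1"
	fi
	# Same request as ${UNPRIV}. SUDO may carry arguments ("doas ..."),
	# so it is deliberately left unquoted.
	if test -z "$sudo" ; then
		# doas: -n fails instead of prompting for a password
		${SUDO} -n -u ${UNPRIV} ${SSHADD} -vvv -l >>"$OBJ/ssh-add.log" 2>&1
	else
		# sudo: -S reads the password from stdin, which is /dev/null,
		# so it cannot block on a prompt
		< /dev/null ${SUDO} -S -u ${UNPRIV} ${SSHADD} -vvv -l >>"$OBJ/ssh-add.log" 2>&1
	fi
	r=$?
	if [ $r -eq 126 ] || [ $r -eq 127 ]; then
		# The helper (or ssh-add) could not be executed at all. These
		# statuses are >= 2 and would otherwise be counted as the
		# agent refusing the other uid, passing the test vacuously.
		fail "could not run ssh-add as ${UNPRIV}: exit code $r"
		cat "$OBJ/ssh-add.log"
	elif [ $r -lt 2 ]; then
		# 0 or 1 means the agent answered the request from the other uid.
		fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
		cat "$OBJ/ssh-add.log"
	fi
	# NOTE(review): ssh-add also exits 2 when it has no usable
	# SSH_AUTH_SOCK, which happens if the helper resets the environment.
	# Confirm the sudoers/doas.conf in use preserves that variable,
	# otherwise a pass here does not show the agent rejected the peer.

	trace "kill agent"
	${SSHAGENT} -k >>"$OBJ/ssh-agent.log" 2>&1
fi

rm -f "${OBJ}/agent"
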