sshkeys: Provide SshReinstallKeys command

No corresponding cli subcommand - just use command-ron.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/daemon/cmdlistener.rs b/daemon/cmdlistener.rs
index 94808fc83dc6b41a8494405ecb3feb26a0524eeb..e396d426c42ad6458f43f764af76e3ee8b90bc13 100644 (file)
--- a/daemon/cmdlistener.rs
+++ b/daemon/cmdlistener.rs
@@ -471,6 +471,13 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       ag.sshkeys_remove(acctid, index, id, auth)?;
       MR::Fine
     }
+    MC::SshReinstallKeys => {
+      let superuser = cs.superuser()
+        .ok_or(ME::SuperuserAuthorisationRequired)?;
+      let mut ag = AccountsGuard::lock();
+      ag.sshkeys_rewrite_authorized_keys(superuser)?;
+      MR::Fine
+    }
 
     MC::LoadFakeRng(ents) => {
       let superuser = cs.superuser()

diff --git a/src/commands.rs b/src/commands.rs
index 83e59c36a5e81ea7b0177480c041379e6d589a61..18a573b44f16106bf9915fff31762efa0daae0f4 100644 (file)
--- a/src/commands.rs
+++ b/src/commands.rs
@@ -63,6 +63,7 @@ pub enum MgmtCommand {
   SshAddKey { akl: sshkeys::AuthkeysLine },
   SshDeleteKey { index: usize, id: sshkeys::Id },
   ThisConnAuthBy, // -> Fine or SshKeySpec
+  SshReinstallKeys, // managment only
 
   LoadFakeRng(Vec<String>),
 }

diff --git a/src/sshkeys.rs b/src/sshkeys.rs
index a1e6525e16cfe1b2e6fdf0402d6eb894eba854c2..0eb67c4a730b6084df0e7251835a351fa5d46e32 100644 (file)
--- a/src/sshkeys.rs
+++ b/src/sshkeys.rs
@@ -403,6 +403,16 @@ impl AccountsGuard {
     }
     // ABSENT
   }
+
+  #[throws(ME)]
+  pub fn sshkeys_rewrite_authorized_keys(
+    &mut self,
+    _:Authorisation<authproofs::Global>
+  ) {
+    let accounts = self.get_mut();
+    let gl = &mut accounts.ssh_keys;
+    gl.rewrite_authorized_keys()?;
+  }
 }
 
 impl Global {