diff options
| author | Alex Auvolat <alex@adnab.me> | 2023-03-15 17:49:09 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2023-03-15 17:49:31 +0100 |
| commit | 2a0eff07c0f50488e2959675ab467786e09807fe (patch) | |
| tree | 45d1b4722871b996d424d9813004a3c73c93dcd1 | |
| parent | f6c4576b6c8b45f1389498e4c8437d659a780a17 (diff) | |
| download | nixcfg-2a0eff07c0f50488e2959675ab467786e09807fe.tar.gz nixcfg-2a0eff07c0f50488e2959675ab467786e09807fe.zip | |
fix cleanup of deploypass
| l--------- | cluster/staging/app/convertsecrets | 1 | ||||
| -rwxr-xr-x | sshtool | 9 |
2 files changed, 5 insertions, 5 deletions
diff --git a/cluster/staging/app/convertsecrets b/cluster/staging/app/convertsecrets deleted file mode 120000 index 3e30b0f..0000000 --- a/cluster/staging/app/convertsecrets +++ /dev/null @@ -1 +0,0 @@ -../../../secretmgr/convertsecrets
\ No newline at end of file @@ -33,13 +33,14 @@ fi SSH_CONFIG=cluster/$CLUSTER/ssh_config function header { + RANDNAME=$(openssl rand -hex 12) cat <<EOF -cat > /tmp/deploytool_askpass <<EOG +cat > /tmp/deploytool_askpass_$RANDNAME <<EOG #!/usr/bin/env sh echo "\\\$DEPLOYTOOL_ROOT_PASSWORD" EOG -chmod +x /tmp/deploytool_askpass -export SUDO_ASKPASS=/tmp/deploytool_askpass +chmod +x /tmp/deploytool_askpass_$RANDNAME +export SUDO_ASKPASS=/tmp/deploytool_askpass_$RANDNAME export DEPLOYTOOL_ROOT_PASSWORD="$ROOT_PASS" sudo -A sh - <<'EOEVERYTHING' set -e @@ -47,8 +48,8 @@ EOF } function footer { + echo rm -v '/tmp/deploytool_askpass*' echo EOEVERYTHING - echo rm /tmp/deploytool_askpass } function message { |