kanidm_ssh_authorizedkeys/
kanidm_ssh_authorizedkeys.rs

Help
1#![deny(warnings)]
2#![warn(unused_extern_crates)]
3#![deny(clippy::todo)]
4#![deny(clippy::unimplemented)]
5#![deny(clippy::unwrap_used)]
6#![deny(clippy::expect_used)]
7#![deny(clippy::panic)]
8#![deny(clippy::unreachable)]
9#![deny(clippy::await_holding_lock)]
10#![deny(clippy::needless_pass_by_value)]
11#![deny(clippy::trivially_copy_pass_by_ref)]
12
13#[macro_use]
14extern crate tracing;
15
16use std::path::PathBuf;
17use std::process::ExitCode;
18
19use clap::Parser;
20use kanidm_unix_common::client::DaemonClient;
21use kanidm_unix_common::constants::DEFAULT_CONFIG_PATH;
22use kanidm_unix_common::unix_config::PamNssConfig;
23use kanidm_unix_common::unix_proto::{ClientRequest, ClientResponse};
24
25include!("../opt/ssh_authorizedkeys.rs");
26
27#[tokio::main(flavor = "current_thread")]
28async fn main() -> ExitCode {
29    let opt = SshAuthorizedOpt::parse();
30    if opt.debug {
31        ::std::env::set_var("RUST_LOG", "kanidm=debug,kanidm_client=debug");
32    }
33    if opt.version {
34        println!("ssh_authorizedkeys {}", env!("KANIDM_PKG_VERSION"));
35        return ExitCode::SUCCESS;
36    }
37
38    sketching::tracing_subscriber::fmt::init();
39
40    if opt.account_id.is_none() {
41        error!("No account specified, quitting!");
42        return ExitCode::FAILURE;
43    }
44
45    debug!("Starting authorized keys tool ...");
46
47    let cfg = match PamNssConfig::new().read_options_from_optional_config(DEFAULT_CONFIG_PATH) {
48        Ok(c) => c,
49        Err(e) => {
50            error!("Failed to parse {}: {:?}", DEFAULT_CONFIG_PATH, e);
51            return ExitCode::FAILURE;
52        }
53    };
54
55    debug!(
56        "Using kanidm_unixd socket path: {:?}",
57        cfg.sock_path.as_str()
58    );
59
60    // see if the kanidm_unixd socket exists and quit if not
61    if !PathBuf::from(&cfg.sock_path).exists() {
62        error!(
63            "Failed to find unix socket at {}, quitting!",
64            cfg.sock_path.as_str()
65        );
66        return ExitCode::FAILURE;
67    }
68
69    let mut daemon_client =
70        match DaemonClient::new(cfg.sock_path.as_str(), cfg.unix_sock_timeout).await {
71            Ok(dc) => dc,
72            Err(err) => {
73                error!(
74                    "Failed to connect to resolver at {}-> {:?}",
75                    cfg.sock_path.as_str(),
76                    err
77                );
78                return ExitCode::FAILURE;
79            }
80        };
81
82    // safe because we've already thrown an error if it's not there
83    let req = ClientRequest::SshKey(opt.account_id.unwrap_or("".to_string()));
84
85    match daemon_client.call(&req, None).await {
86        Ok(ClientResponse::SshKeys(sk)) => {
87            sk.iter().for_each(|k| {
88                println!("{}", k);
89            });
90            ExitCode::SUCCESS
91        }
92        Ok(r) => {
93            error!("Error calling kanidm_unixd: unexpected response -> {:?}", r);
94            ExitCode::FAILURE
95        }
96        Err(e) => {
97            error!("Error calling kanidm_unixd -> {:?}", e);
98            ExitCode::FAILURE
99        }
100    }
101}
kanidm_ssh_authorizedkeys/kanidm_ssh_authorizedkeys.rs

kanidm_ssh_authorizedkeys/
kanidm_ssh_authorizedkeys.rs
