1# $OpenBSD: agent-getpeereid.sh,v 1.13 2021/09/01 00:50:27 dtucker Exp $ 2# Placed in the Public Domain. 3 4tid="disallow agent attach from other uid" 5 6UNPRIV=nobody 7ASOCK=${OBJ}/agent 8SSH_AUTH_SOCK=/nonexistent 9 10if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then 11 : 12else 13 skip "skipped (not supported on this platform)" 14fi 15case "x$SUDO" in 16 xsudo) sudo=1;; 17 xdoas|xdoas\ *) ;; 18 x) 19 skip "need SUDO to switch to uid $UNPRIV" ;; 20 *) 21 skip "unsupported $SUDO - "doas" and "sudo" are allowed" ;; 22esac 23 24trace "start agent" 25eval `${SSHAGENT} ${EXTRA_AGENT_ARGS} -s -a ${ASOCK}` > /dev/null 26r=$? 27if [ $r -ne 0 ]; then 28 fail "could not start ssh-agent: exit code $r" 29else 30 chmod 644 ${SSH_AUTH_SOCK} 31 32 ${SSHADD} -l > /dev/null 2>&1 33 r=$? 34 if [ $r -ne 1 ]; then 35 fail "ssh-add failed with $r != 1" 36 fi 37 if test -z "$sudo" ; then 38 # doas 39 ${SUDO} -n -u ${UNPRIV} ${SSHADD} -l 2>/dev/null 40 else 41 # sudo 42 < /dev/null ${SUDO} -S -u ${UNPRIV} ${SSHADD} -l 2>/dev/null 43 fi 44 r=$? 45 if [ $r -lt 2 ]; then 46 fail "ssh-add did not fail for ${UNPRIV}: $r < 2" 47 fi 48 49 trace "kill agent" 50 ${SSHAGENT} -k > /dev/null 51fi 52 53rm -f ${OBJ}/agent 54