authorMichał 'rysiek' Woźniak <rysiek@hackerspace.pl>2017-02-24 16:58:42 +0100
committerMichał 'rysiek' Woźniak <rysiek@hackerspace.pl>2017-02-24 16:58:42 +0100
commit725b193398d59d51acbc1ea0b9480d4648d4dbc9 (patch)
tree3fd091555ea7ff5e81010768c82b0d161566d446
parent2f45014f942155c1d63c572d8e619bd0f5ef12ef (diff)
run.sh: bugfix for the gnupg inotifywatch
-rw-r--r--run.sh13
1 files changed, 10 insertions, 3 deletions
diff --git a/run.sh b/run.sh
index b5982bf..1eee6f6 100644
--- a/run.sh
+++ b/run.sh
@@ -8,20 +8,27 @@ function watch_pubkeys {
# FIXME we need to handle SIGHUP/SIGTERM/SIGKILL nicely some day
while true; do
# wait for events
+ set +e # yeah, inotifywatch can return a different return code than 0, and we have to be fine with that
inotifywait -r -e modify -e move -e create -e delete -qq "$KUVERT_GNUPG_DIR/"*.gpg "$KUVERT_GNUPG_DIR/"*.gpg~
+ set -e # back to being strict about stuff
# if a watched event occured, redo authorized_keys
if [ $? -eq 0 ]; then
echo " +-- files in $KUVERT_GNUPG_DIR changed"
+ # we need to wait for gpg to finish its stuff
+ echo " +-- continuing in 3s..."
+ sleep 3
+ # permissions and ownership
echo " +-- making sure permissions are AOK..."
- chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_GNUPG_DIR"
- chmod -R u=rwX,go= "$KUVERT_GNUPG_DIR"
+ # just the relevant files, gpg creates .lock and .tmp files too, we're going to ignore those
+ chown "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_GNUPG_DIR/" "$KUVERT_GNUPG_DIR/"*.gpg "$KUVERT_GNUPG_DIR/"*.gpg~
+ chmod u=rwX,go= "$KUVERT_GNUPG_DIR/" "$KUVERT_GNUPG_DIR/"*.gpg "$KUVERT_GNUPG_DIR/"*.gpg~
+ # now the important stuff
echo " +-- reloading kuvert config and keyring..."
su -p -c "env PATH=\"$PATH\" kuvert -r" "$KUVERT_USER"
fi
done
}
-
# exit when any of the commands fails
set -e
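Review bot: The `if [ $? -eq 0 ]` test now follows the added `set -e` line, so it reads the exit status of `set -e` itself rather than that of `inotifywait`; the branch is always taken, and the chown/chmod and `kuvert -r` reload run even when inotifywait failed. Capturing the status on the call fixes this and makes the `set +e`/`set -e` toggle unnecessary: `rc=0; inotifywait … || rc=$?` followed by `if [ "$rc" -eq 0 ]; then`. Separately, with errexit back on, the new non-recursive `chown`/`chmod` lines would presumably abort the watcher whenever `*.gpg~` matches nothing and the literal pattern is passed through, so they want an existence check or a file list built with nullglob. watch_pubkeys begins above the hunk, so how it is invoked and what errexit state it inherits is not visible here.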