From 6f44c8b272ca8212e7d02c5901a39bc50a9e1b6c Mon Sep 17 00:00:00 2001
From: Roger Luethi <rl@patchworkscience.org>
Date: Mon, 1 Sep 2014 08:25:41 +0200
Subject: [PATCH] labs: check and fix private ssh key permissions

If a user changes the permissions of the Vagrant insecure ssh key,
ssh authentication doesn't work anymore and they are prompted for
a password. To prevent that, check (and adjust, if necessary) file
permissions before using ssh.

Change-Id: I90589553de30ef606c4083a1b9980c2cc80a3b3b
---
 labs/lib/osbash/functions.host | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/labs/lib/osbash/functions.host b/labs/lib/osbash/functions.host
index 7332e93d..45334c93 100644
--- a/labs/lib/osbash/functions.host
+++ b/labs/lib/osbash/functions.host
@@ -44,10 +44,15 @@ function check_vagrant_private_key {
     local key_name="vagrant"
     local key_url=https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/$key_name
     local vagrant_key_dir=$LIB_DIR/vagrant-ssh-keys
+    local vagrant_key_path=$vagrant_key_dir/$key_name
 
-    if [ ! -f "$vagrant_key_dir/$key_name" ]; then
+    if [ ! -f "$vagrant_key_path" ]; then
         download "$key_url" "$vagrant_key_dir" $key_name
-        chmod 400 "$vagrant_key_dir/$key_name"
+    fi
+
+    if ! ls -l "$vagrant_key_path"|grep -q "^-r--------"; then
+        echo "Adjusting permissions for $vagrant_key_path"
+        chmod 400 "$vagrant_key_path"
     fi
 }