don't command from within the new user's directory

2024-12-06 20:39:16 -05:00 · 2024-12-06 20:39:16 -05:00 · 69a74f1855
commit 69a74f1855
parent 616f560e7b
2 changed files with 8 additions and 10 deletions
--- a/scripts/1clickservice.groovy
+++ b/scripts/1clickservice.groovy
@ -215,7 +215,9 @@ pipeline {
                script {
                    withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
                    {
-                        sh 'scp ${servicename}-ssh.pub -i \"${PK}\" ${SUDOER_USR}@${targetHost}:~/ssh.pub'
+                        sh """#!/bin/bash
+                            scp -i \"${PK}\" ${servicename}-ssh.pub ${SUDOER_USR}@${targetHost}:~/ssh.pub
+                        """

                        sh """#!/bin/bash
                            ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
--- a/scripts/serviceaccount.sh
+++ b/scripts/serviceaccount.sh
@ -5,18 +5,14 @@ SUDOER_PSW=
 function restofscript(){
    USERNAMETOADD=
    PASSWORDTOADD=
-    PUBKEYCONTENT=
    useradd -m -s /bin/bash ${USERNAMETOADD}
    echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd
    loginctl enable-linger ${USERNAMETOADD}
-    cd /home/${USERNAMETOADD}
-    mkdir .ssh
-    pushd .ssh
-    touch authorized_keys
-    popd
-    cat ssh.pub >> .ssh/authorized_keys
-    chmod 600 authorized_keys
-    chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh
+    mkdir /home/${USERNAMETOADD}/.ssh
+    touch /home/${USERNAMETOADD}/authorized_keys
+    cat ssh.pub >> /home/${USERNAMETOADD}/.ssh/authorized_keys
+    chmod 600 /home/${USERNAMETOADD}/authorized_keys
+    chown -R "${USERNAMETOADD}:${USERNAMETOADD}" /home/${USERNAMETOADD}/.ssh
 }

 echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript"