From ff9ac0a998dae94dd8dd851c2bb88556e9612d4c Mon Sep 17 00:00:00 2001
From: Klas Arvidsson <klas.arvidsson@liu.se>
Date: Tue, 22 Feb 2022 17:14:47 +0100
Subject: [PATCH] Added limited scp ability for torjo@upp

---
 manifests/autocorr.pp | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/manifests/autocorr.pp b/manifests/autocorr.pp
index a930d7f..937f778 100644
--- a/manifests/autocorr.pp
+++ b/manifests/autocorr.pp
@@ -25,4 +25,14 @@ class aes::autocorr {
     owner  => $autocorr_user,
     group  => $autocorr_group,
   }
+
+  file { "${autocorr_home}/.ssh/authorized_keys":
+    ensure  => file,
+    mode   => '0600',
+    owner  => $autocorr_user,
+    group  => $autocorr_group,
+    content => @(SSHPUBKEY),
+command="if [[ \"$SSH_ORIGINAL_COMMAND\" =~ ^scp[[:space:]]-f[[:space:]]/home/examadm/Version-3.1/exam/[[:space:]0-9a-zA-Z_/.-]*$ ]]; then $SSH_ORIGINAL_COMMAND; else >&2 echo \"ERROR Access Denied ('$SSH_ORIGINAL_COMMAND')\"; fi",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu/so6GPeUOpK0Zeiv8pM4UF4BAGnbjc92rYJP7PH2tnCvzTcj7Zx5fw6oyoFPw7SJ21ybIYHr1Eef7LsfJc6lOx/xNm8XABhOJw7Gy12WnjRF9SmsT7+YqJDvDOeN89PvzmHNdhpCerpdhDGvAKu2MjP2fAEW0eIgHWYfzFwQxXqfsEdKYAtIx0v/VTLxFjtZOz5PQGAPR28NZkffMt1ePaAO5WUwjkxcyIbrtrOWWYDtqa9G7gTwgdf7m9IG69G6sqKGzyZrfd0nrpMmtWmX6/9bWwUk1ADaLdEFiupsZ9k+QsLB7/v7fxzbPD61yAJ75JUecghlXFJ4ob9OsmPz torjo@upp
+    | SSHPUBKEY
+  }
 }
-- 
GitLab