On Mon, Jul 21, 2014 at 5:33 PM, Klaus Aehlig <aeh...@google.com> wrote:
> > +def OverridePubKeyFile(key_map, key_file=pathutils.SSH_PUB_KEYS,
> > + error_fn=errors.ProgrammerError,
> > + mode=0600):
> > + """Overrides the public key file with a list of given keys.
> > +
> > + @type key_map: dict from str to list of str
> > + @param key_map: dictionary mapping uuids to lists of SSH keys
> > +
> > + """
> > + ClearPubKeyFile(key_file=key_file, mode=mode)
> > + try:
> > + key_fd = open(key_file, "w")
> > + for (uuid, keys) in key_map.items():
> > + for key in keys:
> > + key_fd.write("%s %s\n" % (uuid, key))
> > + key_fd.close()
> > + except IOError, e:
> > + raise error_fn("Cannot override key file due to error '%s'" % e)
>
> If this function gets an IOError, it might leave the pubkey file empty.
> What is the rational of deviating from the usual write and atomic-rename
> pattern that guarantees that, at any moment, either the old or the new
> value is present in its correct form?
>
That's an excellent point. I think in the spirit of reusing the clear
method I forgot to think about the atomical writing. Will resend the patch.
Cheers,
Helga
>
> --
> Klaus Aehlig
> Google Germany GmbH, Dienerstr. 12, 80331 Muenchen
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg
> Geschaeftsfuehrer: Graham Law, Christine Elizabeth Flores
>
--
Helga Velroyen | Software Engineer | hel...@google.com |
Google Germany GmbH
Dienerstr. 12
80331 München
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
