From 9bcad47001687d95898346d3cc055d2b0175f589 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Tue, 4 Aug 2015 14:22:02 +0200
Subject: do not add duplicate keys

---
 hook/passwd | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hook/passwd b/hook/passwd
index 2e27136..22d6e10 100644
--- a/hook/passwd
+++ b/hook/passwd
@@ -39,10 +39,12 @@ run_latehook() {
 			authorized_key_user="$(echo ${authorized_key_split} | cut -d: -f1)"
 			authorized_key_type="$(echo ${authorized_key_split} | cut -d: -f2)"
 			authorized_key_key="$(echo ${authorized_key_split} | cut -d: -f3)"
+			authorized_key_home=$(egrep ^${authorized_key_user}: ${newroot}/etc/passwd | cut -d: -f 6)
 			if [[ "${authorized_key_type}" = "${authorized_key_key}" ]]; then
 				msg ":: Invalid option, no authorized key added."
+			elif grep -q "${authorized_key_key}" "${newroot}/${authorized_key_home}/.ssh/authorized_keys"; then
+				msg ":: Key already available, skipping."
 			else
-				authorized_key_home=$(egrep ^${authorized_key_user}: ${newroot}/etc/passwd | cut -d: -f 6)
 				if [[ ! -d "${newroot}/${authorized_key_home}" ]]; then
 					msg ":: Home dir for user '${authorized_key_user}' does not exist."
 				else
-- 
cgit v1.2.3-54-g00ecf