#!/usr/bin/env perl
# Copyright © 2010,2011 by Daniel Friesel <derf@finalrewind.org>
# License: WTFPL:
#   0. You just DO WHAT THE FUCK YOU WANT TO.
#
# SSH forcecommand to be used for nagios ssh checks etc.
# Example line for ssh authorized_keys file:
# command="/usr/local/lib/ssh-forcecommand /etc/forcecommand/backup.cfg",no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding $key
#
# Configfile format:
# ssh_command = real_command
# Example:
# home = tar -C / -cf - home

use strict;
use warnings;

my $conffile = shift or die("Usage: $0 <configfile>\n");
my %commands;
my $input = $ENV{'SSH_ORIGINAL_COMMAND'} or die("No command\n");;

open(my $conf, '<', $conffile) or die("Can't open $conffile: $!\n");

while (my $line = <$conf>) {
	my ($key, $value) = ($line =~ m{ ^ ([^=]+?) \s* = \s* (.+) $ }x);
	if ($key and $value) {
		$commands{$key} = $value;
	}
}
close($conf) or die("Cannot close $conffile: $!\n");

if (exists $commands{$input}) {
	exec($commands{$input});
	exit 1;
}

die("Unknown command\n");