Add validator in rotation script to check custom munge key size

aws · Sep 20, 2023 · 390d074 · 390d074
1 parent b32d548
commit 390d074
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/...books/aws-parallelcluster-slurm/templates/default/slurm/head_node/update_munge_key.sh.erb b/...books/aws-parallelcluster-slurm/templates/default/slurm/head_node/update_munge_key.sh.erb
@@ -32,6 +32,13 @@ if [ -n "${SECRET_ARN}" ]; then
     exit 1
   fi
 
+  # Check munge key size
+  key_size=$(echo "${decoded_key}" | wc -c)
+  if [ $key_size -lt 32 ] || [ $key_size -gt 1024 ]; then
+    echo "Fetched munge key size is out of valid range [256-8192 bits]."
+    exit 1
+  fi
+
   echo "${decoded_key}" > ${MUNGE_KEY_FILE}
 
   # Set ownership on the key