From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 07:35:27 +0000 (-0400) Subject: added 0.16-1 release announcement, plus new bug. X-Git-Tag: monkeysphere_0.17-1~14 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=502915e19c9715b866f2c9f5bf89abf85fd8aa52;p=monkeysphere.git added 0.16-1 release announcement, plus new bug. --- diff --git a/website/bugs/authorized_keys_not_cleared.mdwn b/website/bugs/authorized_keys_not_cleared.mdwn new file mode 100644 index 0000000..7246997 --- /dev/null +++ b/website/bugs/authorized_keys_not_cleared.mdwn @@ -0,0 +1,20 @@ +[[meta title="users with missing or empty authorized keys and User IDs should have MS-generated keys cleared" ]] + +I had a user who had a bunch of entries in +`~/.monkeysphere/authorized_user_ids`, and a bunch of raw keys in +`~/.ssh/authorized_keys`. My system's `monkeysphere-server` handled +this situation appropriately, and populated +`/var/lib/monkeysphere/authorized_keys/user` with the full set. + +Then i wanted to wipe out all key entries for that user. So i did: + + mkdir ~user/backup + mv ~user/.ssh ~user/.monkeysphere ~user/backup + monkeysphere-server update-users user + +I expected this to either remove +`/var/lib/monkeysphere/authorized_keys/user`, or truncate it to 0 +bytes. However, it just remained untouched, and the old keys +persisted. + +This seems like a potential security problem. diff --git a/website/download.mdwn b/website/download.mdwn index 3ba40f4..c87666b 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -52,31 +52,31 @@ has these checksums: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -checksums for the monkeysphere 0.15 release: +checksums for the monkeysphere 0.16 release: MD5: -8be275e5b5119921a536d8a67d3bfe24 monkeysphere_0.15.orig.tar.gz +4bc223e8004e0e374bd54f0315585c49 monkeysphere_0.16.orig.tar.gz SHA1: -65da0a047d935e856e2a0d7032dbbb339a3ce20a monkeysphere_0.15.orig.tar.gz +82c78ea1aeecb3059a14af9dfab0f471ce315e38 monkeysphere_0.16.orig.tar.gz SHA256: -44f3feb6e9f6921d2ed0406af4e3862f67da9261c8f00c7ea37cfea5031cbc77 monkeysphere_0.15.orig.tar.gz +f2dbd031315f99c82099a4a902f2240cca97536b035ef75872e72a65f324c9d7 monkeysphere_0.16.orig.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) -iQIVAwUBSMG2fxjmZ/HrivMUAQJ40RAAjb4Rh9qJQztp+tAOxpvXKmItRTFyBTeB -QQWjl/gNSWbAOvZX9t+F63P8Dp/ET9XoE2iXUnClvCtkkKvwbKISHyM4C9tgu0z9 -Yggb6lFPt/Qz2fD/HTMxkeN+n0p/FVjLW9WlLPyKF++u/o8JelyuiXocHORzjtc/ -9HyQfdbZuUPA16ZsAb9D66aIC2pWR21EiXHj95EvUkm6AO53Sy9G5gzzveflRrLm -UdrcwCnbXiZklbs9wXxeZTa4qLAhv31RmkCzbE3/lNwFSBfzFFfi2HXZqQdRmIgu -xuV/wmi8xgxUbv7dbB7yhhqwFmRnzeuV3rvuvSdjqGjFu6R0fqorIOtLtBkG1m0Q -RP5gs5mU+DreYkdeLWpFFFVjaJkz0cNUcnT22EJ5JgfeH3fkoAPpjlUMvgh8apGq -CbtqmBfYVOLyifiwptCSwlQvfY2guBVmsW+C60g78vMlCa0Tezp79I5H1KdsXKlY -cw1eLt3HhEy39yojmcD5EI293tfWTIYvULXvMIZjqEFnkFvoAogtinfd8fDoH15j -8yqXOUfkuuSeGmPReyiZZkbBTMXOdM6JsXmjEMI5T9dnZcC0CClnDGfcxE2UfPQZ -v9tneWXZzFmnWaAqH+T+SJJ4gpMhD+i0vXgQ7xOhUUCF+tiY8Qh1eltR2Kf+VeYW -d+MRglTs/Z4= -=AmW6 +iQIVAwUBSQQdZRjmZ/HrivMUAQJaIA/6AnZG0yYJJ+0C4S0McnBnLMyiA4zQzVsH +5J9dAYO771h0TZnlre1NZdgiP37YiPA1et24O/S7da0Ud/CND+V7CGrsxPzsfEbP +xTPVDST2BgvnDo9LYN4Q9h7QD4lOiGjhoJM6PN/R6Zo2OGiw+yZ8RP+BW5AxW21e +3AnasZ2XLEmwqI0AMl9OWsLk4NzeS7t+ycWjwJKINOk/5ghzlOR0Use/mRyTHvzy +GhMjrLoqtgHo85pAfAWT7LkwTt+FDVRzLZl2shzJszewvPFva+z2A8kvuY+vAzUw +CSvIAC5MSrheFUg1JC+6efVbUTgn3RZj+zn7CxyttVuRzjyrnY2WkiMOT5mKuZCg +LR42FEXnDCNHjreVLB6PoU1bOseohRbfK2yN+oDSoXmO4GoKetokGEWU/S+pi/gq +dhjyMZUYv1pgE9Vtz3ps0vVC4e8D/i39qEm7JB2AWPWU4jGX5cLCeEkrfXGsGWyu +OxGGywarXfNp83R62QTh2cPZlkACj3IwoYgZ2h8r98ikyJlQE0Y7V8uHKsx1DMJX +JBemkEVW5P7pZiRS7X2zqLGIDNwqBKNRnjZ7bAhqThJXpCBWNuZ+DjGY743BBddr +RAfQUvdjbSEOD78NMh6pLLg3iYJA902EVXZX8Q8JQnjg5GlUrB2yS5uz82dwjbpx +dy0gzEhr4DA= +=DY0y -----END PGP SIGNATURE----- diff --git a/website/news/release-0.16-1.mdwn b/website/news/release-0.16-1.mdwn new file mode 100644 index 0000000..7354521 --- /dev/null +++ b/website/news/release-0.16-1.mdwn @@ -0,0 +1,31 @@ +[[meta title="Monkeysphere 0.16-1 released!"]] + +# Monkeysphere 0.16-1 released! # + +Monkeysphere 0.16-1 has been released. + +Notes from the changelog: + +
+  [ Daniel Kahn Gillmor ]
+  * replaced "#!/bin/bash" with "#!/usr/bin/env bash" for better
+    portability.
+  * fixed busted lockfile arrangement, where empty file was being locked
+  * portability fixes in the way we use date, mktemp, hostname, su
+  * stop using /usr/bin/stat, since the syntax appears to be totally
+    unportable
+  * require GNU getopt, and test for getopt failures (look for getopt in
+    /usr/local/bin first, since that's where FreeBSD's GNU-compatible
+    getopt lives.
+  * monkeysphere-server diagnostics now counts problems and suggests a
+    re-run after they have been resolved.
+  * completed basic test suite: this can be run from the git sources or
+    the tarball with: cd tests && ./basic
+
+  [ Jameson Graef Rollins ]
+  * Genericize fs location variables.
+  * break out gpg.conf files into SYSCONFIGDIR, and not auto-generated at
+    install.
+
+ +[[Download]] it now!