PGRM=$(basename $0)
-SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"__SYSSHAREDIR_PREFIX__/share/monkeysphere"}
export SYSSHAREDIR
-. "${SYSSHAREDIR}/common" || exit 1
-
-SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
-export SYSDATADIR
+. "${SYSSHAREDIR}/defaultenv"
+. "${SYSSHAREDIR}/common"
# sharedir for authentication functions
MASHAREDIR="${SYSSHAREDIR}/ma"
# unset some environment variables that could screw things up
unset GREP_OPTIONS
-# default return code
-RETURN=0
-
########################################################################
# FUNCTIONS
########################################################################
Monkeysphere authentication admin tool.
subcommands:
- update-users (u) [USER]... update user authorized_keys files
- add-id-certifier (c+) KEYID import and tsign a certification key
- --domain (-n) DOMAIN limit ID certifications to DOMAIN
- --trust (-t) TRUST trust level of certifier (full)
- --depth (-d) DEPTH trust depth for certifier (1)
- remove-id-certifier (c-) KEYID remove a certification key
- list-id-certifiers (c) list certification keys
+ update-users (u) [USER]... update user authorized_keys files
+ refresh-keys (r) refresh keys in keyring
+ keys-for-user USER output valid keys for user
+
+ add-id-certifier (c+) KEYID|FILE import and tsign a certification key
+ [--domain (-n) DOMAIN] limit ID certifications to DOMAIN
+ [--trust (-t) TRUST] trust level of certifier (default: full)
+ [--depth (-d) DEPTH] trust depth for certifier (default: 1)
+ remove-id-certifier (c-) KEYID remove a certification key
+ list-id-certifiers (c) list certification keys
- version (v) show version number
- help (h,?) this help
+ version (v) show version number
+ help (h,?) this help
See ${PGRM}(8) for more info.
EOF
}
# function to interact with the gpg sphere keyring
-# FIXME: this function requires only a single argument because of
-# problems with quote expansion. this needs to be fixed/improved.
gpg_sphere() {
GNUPGHOME="$GNUPGHOME_SPHERE"
export GNUPGHOME
-
- su_monkeysphere_user "gpg --no-greeting --no-tty $@"
+
+ su_monkeysphere_user "gpg --no-greeting --quiet --no-tty $@"
}
# output to stdout the core fingerprint from the gpg core secret
gpg_core_sphere_sig_transfer() {
log debug "exporting core local sigs to sphere..."
gpg_core --export-options export-local-sigs --export | \
- gpg_sphere "--import-options import-local-sigs --import"
+ gpg_sphere --import-options import-local-sigs --import 2>&1 | log debug
}
########################################################################
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER}
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER}
+MONKEYSPHERE_GROUP=$(get_primary_group "$MONKEYSPHERE_USER")
PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS}
RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS}
+STRICT_MODES=${MONKEYSPHERE_STRICT_MODES:=$STRICT_MODES}
# other variables
REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
GNUPGHOME_CORE=${MONKEYSPHERE_GNUPGHOME_CORE:="${MADATADIR}/core"}
GNUPGHOME_SPHERE=${MONKEYSPHERE_GNUPGHOME_SPHERE:="${MADATADIR}/sphere"}
CORE_KEYLENGTH=${MONKEYSPHERE_CORE_KEYLENGTH:="2048"}
+LOG_PREFIX=${MONKEYSPHERE_LOG_PREFIX:='ms: '}
# export variables needed in su invocation
export DATE
-export MODE
export LOG_LEVEL
export KEYSERVER
export MONKEYSPHERE_USER
+export MONKEYSPHERE_GROUP
export PROMPT
export CHECK_KEYSERVER
export REQUIRED_USER_KEY_CAPABILITY
export GNUPGHOME_SPHERE
export GNUPGHOME
export CORE_KEYLENGTH
+export LOG_PREFIX
+
+if [ "$#" -eq 0 ] ; then
+ usage
+ failure "Please supply a subcommand."
+fi
# get subcommand
COMMAND="$1"
-[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
shift
case $COMMAND in
setup
;;
- 'update-users'|'update-user'|'u')
+ 'update-users'|'update-user'|'update'|'u')
source "${MASHAREDIR}/setup"
setup
source "${MASHAREDIR}/update_users"
update_users "$@"
;;
+ 'refresh-keys'|'refresh'|'r')
+ source "${MASHAREDIR}/setup"
+ setup
+ gpg_sphere --keyserver "$KEYSERVER" --refresh-keys
+ ;;
+
+ 'keys-for-user')
+ source "${MASHAREDIR}/keys_for_user"
+ keys_for_user "$@"
+ ;;
+
'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+')
source "${MASHAREDIR}/setup"
setup
gpg_sphere "$@"
;;
- 'version'|'v')
- echo "$VERSION"
+ 'version'|'--version'|'v')
+ version
;;
'--help'|'help'|'-h'|'h'|'?')
*)
failure "Unknown command: '$COMMAND'
-Type '$PGRM help' for usage."
+Try '$PGRM help' for usage."
;;
esac
-
-exit "$RETURN"
projects / monkeysphere.git / blobdiff