authorJameson Graef Rollins <jrollins@phys.columbia.edu>2008-06-13 16:56:50 -0400
committerJameson Graef Rollins <jrollins@phys.columbia.edu>2008-06-13 17:44:50 -0400
commit6075397cffdceaf72dd3b430c9124c2ebb59ac65 (patch)
treee15abed065acc95f675cf41d148b73f2b50ecd3f
parentad0a9cc0958b30f5be851453ea22c151097fad0c (diff)
make sure the authorized_user_ids file exists for users processed by
monkeysphere-server.
-rw-r--r--debian/monkeysphere.dirs1
-rwxr-xr-xsrc/monkeysphere4
-rwxr-xr-xsrc/monkeysphere-server23
3 files changed, 21 insertions, 7 deletions
diff --git a/debian/monkeysphere.dirs b/debian/monkeysphere.dirs
index fa2bf5f..4604eee 100644
--- a/debian/monkeysphere.dirs
+++ b/debian/monkeysphere.dirs
@@ -1,3 +1,4 @@
usr/share/monkeysphere
var/cache/monkeysphere
etc/monkeysphere
+etc/monkeysphere/authorized_user_ids
diff --git a/src/monkeysphere b/src/monkeysphere
index 782ba5e..997ca58 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -31,7 +31,7 @@ GREP_OPTIONS=
usage() {
cat <<EOF
usage: $PGRM <subcommand> [args]
-Monkeysphere client tool.
+MonkeySphere client tool.
subcommands:
update-known_hosts (k) [HOST]... update known_hosts file
@@ -176,7 +176,7 @@ case $COMMAND in
'update-authorized_keys'|'update-authorized-keys'|'a')
MODE='authorized_keys'
- # make sure authorized_user_ids file exists
+ # fail if the authorized_user_ids file is empty
if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
failure "$AUTHORIZED_USER_IDS is empty."
fi
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index ffb3452..922aad3 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -28,7 +28,7 @@ GREP_OPTIONS=
usage() {
cat <<EOF
usage: $PGRM <subcommand> [args]
-Monkeysphere server admin tool.
+MonkeySphere server admin tool.
subcommands:
update-users (s) [USER]... update users authorized_keys files
@@ -121,7 +121,7 @@ export GNUPGHOME
mkdir -p -m 0700 "$GNUPGHOME"
case $COMMAND in
- 'update-users'|'s')
+ 'update-users'|'update-user'|'s')
if [ "$1" ] ; then
unames="$@"
else
@@ -133,13 +133,17 @@ case $COMMAND in
log "----- user: $uname -----"
+ # set variables for the user
AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
msAuthorizedKeys="$CACHE"/"$uname"/authorized_keys
cacheDir="$CACHE"/"$uname"/user_keys
- # make sure authorized_user_ids file exists
+ # make sure user's authorized_user_ids file exists
+ touch "$AUTHORIZED_USER_IDS"
+
+ # skip if the user's authorized_user_ids file is empty
if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
- log "authorized_user_ids file for '$uname' is empty or does not exist."
+ log "authorized_user_ids file for '$uname' is empty."
continue
fi
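Review bot: `$uname` is joined into the `authorized_user_ids` path and handed to the new `touch` with no validation, so a name containing `/` or `..` would make this line create or re-stamp a file outside `$MS_HOME/authorized_user_ids`, with whatever privileges monkeysphere-server runs under. The earlier hunk shows that names can come straight from the command line (`unames="$@"`), so a guard ahead of the assignments, for example `case "$uname" in ''|.|..|*/*) log "invalid user name '$uname'."; continue ;; esac`, would keep the path inside that directory. The same unvalidated `touch` is added in the `@@ -182,8 +188,15 @@` hunk, where `$uname` is assigned outside the visible lines and `failure` rather than `continue` would fit. The result of `touch` is also unchecked: if it fails (missing directory, read-only filesystem) the `-s` test that follows still logs the file as "empty", which hides the real error; `touch "$AUTHORIZED_USER_IDS" || { log "could not create authorized_user_ids file for '$uname'."; continue; }` would surface it. The enclosing loop begins and ends outside this hunk.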
@@ -164,10 +168,12 @@ case $COMMAND in
publish_server_key
;;
- 'trust-keys'|'t')
+ 'trust-keys'|'trust-key'|'t')
if [ -z "$1" ] ; then
failure "you must specify at least one key to trust."
fi
+
+ # process key IDs
for keyID ; do
trust_key "$keyID"
done
@@ -182,8 +188,15 @@ case $COMMAND in
if [ -z "$1" ] ; then
failure "you must specify at least one userid."
fi
+
+ # set variables for the user
AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
cacheDir="$CACHE"/"$uname"/user_keys
+
+ # make sure user's authorized_user_ids file exists
+ touch "$AUTHORIZED_USER_IDS"
+
+ # process the user IDs
for userID ; do
update_userid "$userID" "$cacheDir"
done