authorJameson Graef Rollins <jrollins@finestructure.net>2009-02-01 21:14:22 -0500
committerJameson Graef Rollins <jrollins@finestructure.net>2009-02-01 21:14:22 -0500
commit0655d5cbf24a29da4aff7e272e82bfa258b2ceed (patch)
tree6e462df5ff450ddd67ddf3fdf686ddcbcfcd4668 /src/monkeysphere-authentication
parent7548a859412f10e68f90ee68f330593d85b090fc (diff)
new function to export signatures from core to sphere keyrings. this
is so that the sphere does not have to read the core pubring to get the certifier ltsigs, and we can therefore keep tighter permissions on the core keyring files. updated some comments/documentation as well.
Diffstat (limited to 'src/monkeysphere-authentication')
-rwxr-xr-xsrc/monkeysphere-authentication18
1 files changed, 7 insertions, 11 deletions
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index 7c43aa8..2316183 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -85,8 +85,6 @@ su_monkeysphere_user() {
# function to interact with the gpg core keyring
gpg_core() {
- local returnCode
-
GNUPGHOME="$GNUPGHOME_CORE"
export GNUPGHOME
@@ -94,15 +92,7 @@ gpg_core() {
# user to be able to read the host pubring. we realize this might
# be problematic, but it's the simplest solution, without too much
# loss of security.
- gpg --no-permission-warning "$@"
- returnCode="$?"
-
- # always reset the permissions on the host pubring so that the
- # monkeysphere user can read the trust signatures
- chgrp "$MONKEYSPHERE_USER" "${GNUPGHOME_CORE}/pubring.gpg"
- chmod g+r "${GNUPGHOME_CORE}/pubring.gpg"
-
- return "$returnCode"
+ gpg "$@"
}
# function to interact with the gpg sphere keyring
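Review bot: The comment kept just above `gpg "$@"` still says the monkeysphere user must be able to read the host pubring, which no longer matches a function that only runs gpg against the core keyring. It could be replaced with something like `# the core keyring is not read by the monkeysphere user; certifier signatures are copied to the sphere keyring by gpg_core_sphere_sig_transfer`. The comment begins above the hunk, so its opening lines are not visible here. Separately, deleting the `chgrp`/`chmod` calls stops re-granting group read on `${GNUPGHOME_CORE}/pubring.gpg` but does not revoke it on hosts where the old code already ran. Unless an upgrade step elsewhere handles that, a one-time `chmod g-r` on that file is needed to get the tighter permissions the commit describes.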
@@ -116,6 +106,12 @@ gpg_sphere() {
su_monkeysphere_user "gpg $@"
}
+# export signatures from core to sphere
+gpg_core_sphere_sig_transfer() {
+ gpg_core --export-options export-local-sigs --export | \
+ gpg_sphere --import-options import-local-sigs --import
+}
+
########################################################################
# MAIN
########################################################################
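Review bot: In `gpg_core_sphere_sig_transfer` the pipeline's exit status is that of the `gpg_sphere --import` side only, so a failed `gpg_core --export` can be reported as success unless `pipefail` is set somewhere outside this hunk. The sphere keyring would then keep stale certifier signatures without any error reaching the caller. If the script runs under bash, capture the status right after the pipeline, e.g. `local rc=("${PIPESTATUS[@]}")` followed by `[ "${rc[0]}" -eq 0 ] && [ "${rc[1]}" -eq 0 ] || return 1`. The header comment could also say that `--export` with no key argument sends every key in the core keyring to the sphere, not only the signatures.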