Merge commit 'jrollins/master'

1 files changed, 16 insertions, 2 deletions

diff --git a/src/share/ma/diagnostics b/src/share/ma/diagnostics
index 0411080..ce463b2 100644
--- a/src/share/ma/diagnostics
+++ b/src/share/ma/diagnostics
@@ -28,6 +28,8 @@ local badhostkeys
 local sshd_config
 local problemsfound=0
 
+report_cruft
+
 if ! id monkeysphere >/dev/null ; then
     echo "! No monkeysphere user found!  Please create a monkeysphere system user with bash as its shell."
     problemsfound=$(($problemsfound+1))
@@ -45,7 +47,10 @@ if ! [ -d "$MADATADIR" ] ; then
     exit
 fi    
 
-# FIXME: what's the correct, cross-platform answer?
+# FIXME: what's the correct, cross-platform way to determine where
+# sshd_config lives?
+sshd_config=/etc/ssh/sshd_config
+
 seckey=$(gpg_core --list-secret-keys --fingerprint --with-colons --fixed-list-mode)
 keysfound=$(echo "$seckey" | grep -c ^sec:)
 curdate=$(date +%s)
@@ -95,7 +100,16 @@ fi
 # FIXME: look to see that the ownertrust rules are set properly on the
 #    sphere keyring
 
-# FIXME: make sure that at least one identity certifier exists
+# make sure that at least one identity certifier exists
+echo
+echo "Checking for Identity Certifiers..."
+if ! monkeysphere-authentication list-identity-certifiers | egrep -q '^[A-F0-9]{40}:' then
+    echo "! No Identity Certifiers found!"
+    echo " - Recommendation: once you know who should be able to certify identities for 
+     connecting users, you should add their key, with: 
+      monkeysphere-authentication add-identity-certifier"
+    problemsfound=$(($problemsfound+1))
+fi
 
 # FIXME: look at the timestamps on the monkeysphere-generated
 # authorized_keys files -- warn if they seem out-of-date.