diff options
| author | Matt Goins <mjgoins@openflows.com> | 2009-02-02 19:17:20 -0500 |
|---|---|---|
| committer | Matt Goins <mjgoins@openflows.com> | 2009-02-02 19:17:20 -0500 |
| commit | 21665a14ffb50d63914748725b26a057950cad6b (patch) | |
| tree | f319daa186b19056dbc153e2814b46a8c8918e30 /src/share/ma/setup | |
| parent | 5de2eeb71c3c8f694d990058194afdda7d7f364f (diff) | |
| parent | 10c741dac082844fbf9a2fbbfc4322f718c2abea (diff) | |
Merge commit 'jrollins/master'
Diffstat (limited to 'src/share/ma/setup')
| -rw-r--r-- | src/share/ma/setup | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/src/share/ma/setup b/src/share/ma/setup index 672a960..422cfd3 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -15,8 +15,11 @@ setup() { # make all needed directories mkdir -p "${MADATADIR}" mkdir -p "${MATMPDIR}" - mkdir -p "${GNUPGHOME_SPHERE}" mkdir -p "${GNUPGHOME_CORE}" + chmod 700 "${GNUPGHOME_CORE}" + mkdir -p "${GNUPGHOME_SPHERE}" + chmod 700 "${GNUPGHOME_SPHERE}" + mkdir -p "${MADATADIR}"/authorized_keys # deliberately replace the config files via truncation # FIXME: should we be dumping to tmp files and then moving atomically? @@ -34,43 +37,51 @@ EOF # Edits will be overwritten. no-greeting primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg -keyring ${GNUPGHOME_CORE}/pubring.gpg - list-options show-uid-validity EOF - # fingerprint of core key. this should be empty on unconfigured systems. + # make sure the monkeysphere user owns everything in th sphere + # gnupghome + chown -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}" + chgrp -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}" + + # get fingerprint of core key. this should be empty on unconfigured systems. local CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: ) if [ -z "$CORE_FPR" ] ; then - log info "Setting up Monkeysphere authentication trust core" + log info "Setting up Monkeysphere authentication trust core..." local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64)) local TMPLOC=$(mktemp -d "${MATMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" # generate the key with ssh-keygen... - ssh-keygen -q -b 1024 -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core" + log debug "generating ssh key ($CORE_KEYLENGTH bits)..." + ssh-keygen -q -b "$CORE_KEYLENGTH" -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core" # and then translate to openpgp encoding and import # FIXME: pem2openpgp currently sets the A flag and a short # expiration date. We should set the C flag and no expiration # date. - < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg --import || failure "Could not import new key for Monkeysphere authentication trust core" + log debug "converting ssh key to openpgp key and importing into core..." + < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg_core --import || failure "Could not import new key for Monkeysphere authentication trust core" - gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key + # get fingerprint of core key. should definitely not be empty at this point + log debug "get core key fingerprint..." CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: ) if [ -z "$CORE_FPR" ] ; then failure "Failed to create Monkeysphere authentication trust core!" fi else - log verbose "This system has already set up the Monkeysphere authentication trust core" + log verbose "This system has already set up the Monkeysphere authentication trust core." fi # ensure that the authentication sphere checker has absolute ownertrust on the expected key. + log debug "set ultimate owner trust on core key in gpg_sphere..." printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust local ORIG_TRUST + log debug "check gpg_sphere owner trust set properly..." if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings." @@ -82,7 +93,8 @@ EOF # ensure that we're using the extended trust model (1), and that # our preferences are reasonable (i.e. 3 marginal OR 1 fully # trusted certifications are sufficient to grant full validity. + log debug "check trust level of core key..." if [ "1:3:1" != $(gpg_sphere --with-colons --fixed-list-mode --list-keys | head -n1 | grep ^tru: cut -f3,6,7 -d:) ] ; then - failure "monkeysphere-preference does not have the expected trust model settings" + failure "monkeysphere-authentication does not have the expected trust model settings." fi } |