diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-17 23:33:55 -0500 |
|---|---|---|
| committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-17 23:33:55 -0500 |
| commit | 278c20f82d2ee0954a04b8daae5cbc2788c0015c (patch) | |
| tree | d38fb83491979a432d7cade2129d0a831ef8c148 /src/share/ma | |
| parent | ad44601e1869bc0bf3ce6ca88a7476379aa3c459 (diff) | |
| parent | c1924de73702d0f999a44bc63df9bee0d432636a (diff) | |
Merge commit 'jrollins/master'
Diffstat (limited to 'src/share/ma')
| -rw-r--r-- | src/share/ma/add_certifier | 5 | ||||
| -rw-r--r-- | src/share/ma/setup | 12 |
2 files changed, 9 insertions, 8 deletions
diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index 54ea673..d34f0de 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -151,14 +151,15 @@ EOF # core ltsigns the newly imported certifier key log debug "executing core ltsign script..." if echo "$ltsignCommand" | \ - gpg_core --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then + gpg_core --quiet --command-fd 0 --no-tty --edit-key "0x${fingerprint}!" \ + 2>&1 | log debug ; then # transfer the new sigs back to the sphere keyring gpg_core_sphere_sig_transfer # update the sphere trustdb log debug "updating sphere trustdb..." - gpg_sphere "--check-trustdb" + gpg_sphere "--check-trustdb" 2>&1 | log debug log info "Identity certifier added." else diff --git a/src/share/ma/setup b/src/share/ma/setup index f59187b..a17e4f2 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -59,7 +59,7 @@ EOF log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..." PEM2OPENPGP_USAGE_FLAGS=certify \ PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \ - | gpg_core --import \ + | gpg_core --import 2>&1 | log debug \ || failure "Could not import new key for Monkeysphere authentication trust core" # get fingerprint of core key. should definitely not be empty at this point @@ -75,17 +75,17 @@ EOF # export the core key to the sphere keyring log debug "exporting core pub key to sphere keyring..." - gpg_core --export | gpg_sphere --import + gpg_core --quiet --export | gpg_sphere "--quiet --import" # ensure that the authentication sphere checker has absolute ownertrust on the expected key. log debug "setting ultimate owner trust on core key in gpg_sphere..." - printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust - gpg_sphere --export-ownertrust | log debug + printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--quiet --import-ownertrust" + gpg_sphere "--export-ownertrust" 2>&1 | log debug # check the owner trust log debug "checking gpg_sphere owner trust set properly..." local ORIG_TRUST - if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then + if ORIG_TRUST=$(gpg_sphere "--quiet --export-ownertrust" | grep '^[^#]') ; then if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings." fi @@ -98,7 +98,7 @@ EOF # our preferences are reasonable (i.e. 3 marginal OR 1 fully # trusted certifications are sufficient to grant full validity. log debug "checking trust model for authentication ..." - local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \ + local TRUST_MODEL=$(gpg_sphere "--quiet --with-colons --fixed-list-mode --list-keys" \ | head -n1 | grep "^tru:" | cut -d: -f3,6,7) log debug "sphere trust model: $TRUST_MODEL" if [ "$TRUST_MODEL" != '1:3:1' ] ; then |