diff options
| -rw-r--r-- | debian/changelog | 4 | ||||
| -rw-r--r-- | etc/monkeysphere-server.conf | 23 | ||||
| -rw-r--r-- | etc/monkeysphere.conf | 8 | ||||
| -rwxr-xr-x | src/monkeysphere-server | 2 |
4 files changed, 19 insertions, 18 deletions
diff --git a/debian/changelog b/debian/changelog index 9aa2b0a..4db311e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,8 +2,10 @@ monkeysphere (0.17-1) experimental; urgency=low * Fix some bugs in, and cleanup, authorized_keys file creation in monkeysphere-server update-users. + * Move to using the empty string for not adding a user-controlled + authorized_keys file in the RAW_AUTHORIZED_KEYS variable. - -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Sun, 26 Oct 2008 21:49:17 -0400 + -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Mon, 27 Oct 2008 07:39:10 -0400 monkeysphere (0.16-1) experimental; urgency=low diff --git a/etc/monkeysphere-server.conf b/etc/monkeysphere-server.conf index adbac7e..2693699 100644 --- a/etc/monkeysphere-server.conf +++ b/etc/monkeysphere-server.conf @@ -1,9 +1,9 @@ -# MonkeySphere server configuration file. +# Monkeysphere server configuration file. # This is an sh-style shell configuration file. Variable names should -# be separated from their assignements by a single '=' and no spaces. -# Environement variables with the same names as these variables but -# prefeced by "MONKEYSPHERE_" will take precedence over the values +# be separated from their assignments by a single '=' and no spaces. +# Environment variables with the same names as these variables but +# prefaced by "MONKEYSPHERE_" will take precedence over the values # specified here. # User who controls the monkeysphere authentication keyring. @@ -15,15 +15,14 @@ # Path to authorized_user_ids file to process to create # authorized_keys file. '%h' will be replaced by the home directory -# of the user, and %u will be replaced by the username of the user. +# of the user, and '%u' will be replaced by the username of the user. # For purely admin-controlled authorized_user_ids, you might put them -# in /etc/monkeysphere/authorized_user_ids/%u +# in /etc/monkeysphere/authorized_user_ids/%u, for instance. #AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids" -# Whether to add user controlled authorized_keys file to -# monkeysphere-generated authorized_keys file. Should be path to file -# where '%h' will be replaced by the home directory of the user or -# '%u' by the username. To not add any user-controlled file, put "-" -# FIXME: this usage of "-" contravenes the normal convention where "-" -# means standard in/out. Why not use "none" or "" instead? +# Path to a user controlled authorized_keys file to be added to the +# monkeysphere-generated authorized_keys file. '%h' will be replaced +# by the home directory of the user, and '%u' will by replaced by the +# username of the user. To not add any user-controlled file set this +# variable to be the empty string, "". #RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" diff --git a/etc/monkeysphere.conf b/etc/monkeysphere.conf index a45fff0..92aa419 100644 --- a/etc/monkeysphere.conf +++ b/etc/monkeysphere.conf @@ -1,9 +1,9 @@ -# MonkeySphere system-wide client configuration file. +# Monkeysphere system-wide client configuration file. # This is an sh-style shell configuration file. Variable names should -# be separated from their assignements by a single '=' and no spaces. -# Environement variables with the same names as these variables but -# prefeced by "MONKEYSPHERE_" will take precedence over the values +# be separated from their assignments by a single '=' and no spaces. +# Environment variables with the same names as these variables but +# prefaced by "MONKEYSPHERE_" will take precedence over the values # specified here. # Log level. Can be SILENT, ERROR, INFO, DEBUG, in increasing order diff --git a/src/monkeysphere-server b/src/monkeysphere-server index fb71081..6ca6a4f 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -220,7 +220,7 @@ update_users() { # add user-controlled authorized_keys file if specified # translate ssh-style path variables rawAuthorizedKeys=$(translate_ssh_variables "$uname" "$RAW_AUTHORIZED_KEYS") - if [ "$rawAuthorizedKeys" != '-' -a -s "$rawAuthorizedKeys" ] ; then + if [ "$rawAuthorizedKeys" -a -s "$rawAuthorizedKeys" ] ; then # check permissions on the authorized_keys file path if check_key_file_permissions "$uname" "$rawAuthorizedKeys" ; then log verbose "adding raw authorized_keys file... " |