Diffstat (limited to 'src/share/ma')
-rw-r--r--src/share/ma/add_certifier2
-rw-r--r--src/share/ma/diagnostics2
-rw-r--r--src/share/ma/setup6
-rw-r--r--src/share/ma/update_users10
4 files changed, 10 insertions, 10 deletions
diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier
index 6f85ecf..544a3f0 100644
--- a/src/share/ma/add_certifier
+++ b/src/share/ma/add_certifier
@@ -108,7 +108,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then
fi
# load the key
- gpg_sphere "--import" <"$keyID" \
+ gpg_sphere "--import" <"$keyID" 2>/dev/null \
|| failure "could not read key from '$keyID'"
# else, get the key from the keyserver
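Review bot: Redirecting gpg's stderr to /dev/null on the `--import` line means a failed certifier import reports only "could not read key from '$keyID'", with no indication of whether the file was unreadable, malformed, or rejected by gpg. Identity certifiers are the trust anchors for user authentication, so the diagnostic is worth keeping at debug level rather than dropping; the same applies to the `--list-keys` call in setup, where a gpg failure will surface only as an unexpected trust model. A plain `2>&1 | log debug` would not do here, because the pipeline would return log's status and `|| failure` would stop firing, so the output needs to be captured first and logged after the status is tested. The enclosing `if` block starts and ends outside the hunk.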
diff --git a/src/share/ma/diagnostics b/src/share/ma/diagnostics
index 8fc4b31..8eca586 100644
--- a/src/share/ma/diagnostics
+++ b/src/share/ma/diagnostics
@@ -103,7 +103,7 @@ fi
# make sure that at least one identity certifier exists
echo
echo "Checking for Identity Certifiers..."
-if ! monkeysphere-authentication list-identity-certifiers | egrep -q '^[A-F0-9]{40}:' then
+if ! ( monkeysphere-authentication list-identity-certifiers | egrep '^[A-F0-9]{40}:' >/dev/null ) ; then
echo "! No Identity Certifiers found!"
echo " - Recommendation: once you know who should be able to certify the identities of
connecting users, you should add their key, with:
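Review bot: The condition on the `list-identity-certifiers` line only sees egrep's exit status, so a failure of `monkeysphere-authentication` itself (for example a permissions problem) is reported as "No Identity Certifiers found" and sends the administrator toward adding a certifier that may already exist. Consider capturing the listing first and testing its status separately, e.g. `certifiers=$(monkeysphere-authentication list-identity-certifiers) || echo "! Could not list Identity Certifiers"`, then matching the pattern against `$certifiers`. The subshell parentheses are also unnecessary, since `!` already negates the whole pipeline. The `if` body continues past the end of the hunk.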
diff --git a/src/share/ma/setup b/src/share/ma/setup
index e77afff..b453f3c 100644
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -57,7 +57,7 @@ EOF
if [ -z "$CORE_FPR" ] ; then
log info "setting up Monkeysphere authentication trust core..."
- local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
+ local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | perl -MMIME::Base64 -ne 'print encode_base64($_)'))
log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..."
PEM2OPENPGP_USAGE_FLAGS=certify \
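Review bot: The replacement encoder runs perl with `-ne`, which reads its input line by line, so whenever the 21 random bytes contain a newline byte (about 8% of runs) `encode_base64` is called once per fragment and emits several lines. Because the inner `$(...)` is unquoted, those lines become separate printf arguments and the format string is repeated, giving a CORE_UID with the "Monkeysphere authentication trust core UID" text duplicated. Slurping the input and quoting the substitution avoids this: `"$(head -c21 </dev/urandom | perl -MMIME::Base64 -0777 -ne 'print encode_base64($_)')"`. Separately, `local CORE_UID=$(...)` hides a non-zero status, so a missing perl or MIME::Base64 module would leave an empty random string without stopping setup.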
@@ -82,7 +82,7 @@ EOF
# ensure that the authentication sphere checker has absolute ownertrust on the expected key.
log debug "setting ultimate owner trust on core key in gpg_sphere..."
- printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust"
+ printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust" 2>&1 | log verbose
gpg_sphere "--export-ownertrust" 2>&1 | log debug
# check the owner trust
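Review bot: Piping `--import-ownertrust` into `log verbose` makes the pipeline's status that of `log`, so a failed ownertrust import on this line can no longer be detected from its exit code. The "# check the owner trust" step that follows presumably catches it, but that code is outside the hunk. A comment would make the reliance explicit, e.g. `# status of --import-ownertrust is not tested here; the ownertrust check below detects a failed import`.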
@@ -101,7 +101,7 @@ EOF
# our preferences are reasonable (i.e. 3 marginal OR 1 fully
# trusted certifications are sufficient to grant full validity.
log debug "checking trust model for authentication ..."
- local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \
+ local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" 2>/dev/null \
| head -n1 | grep "^tru:" | cut -d: -f3,6,7)
log debug "sphere trust model: $TRUST_MODEL"
if [ "$TRUST_MODEL" != '1:3:1' ] ; then
diff --git a/src/share/ma/update_users b/src/share/ma/update_users
index bfefc31..3a5c006 100644
--- a/src/share/ma/update_users
+++ b/src/share/ma/update_users
@@ -13,6 +13,7 @@
update_users() {
+local returnCode=0
local unames
local uname
local authorizedKeysDir
@@ -26,8 +27,6 @@ else
unames=$(getent passwd | cut -d: -f1)
fi
-RETURN=0
-
# set mode
MODE="authorized_keys"
@@ -81,6 +80,7 @@ for uname in $unames ; do
# translating ssh-style path variables
authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
if [ -s "$authorizedUserIDs" ] ; then
+ log debug "authorized_user_ids file found."
# check permissions on the authorized_user_ids file path
if check_key_file_permissions "$uname" "$authorizedUserIDs" ; then
# copy user authorized_user_ids file to temporary
@@ -94,7 +94,7 @@ for uname in $unames ; do
# process authorized_user_ids file, as monkeysphere user
su_monkeysphere_user \
". ${SYSSHAREDIR}/common; process_authorized_user_ids $TMP_AUTHORIZED_USER_IDS" \
- || RETURN="$?"
+ || returnCode="$?"
else
log debug "not processing authorized_user_ids."
fi
@@ -141,7 +141,7 @@ for uname in $unames ; do
log error "Failed to install authorized_keys for '$uname'!"
rm -f "${authorizedKeysDir}/${uname}"
# indicate that there has been a failure:
- RETURN=1
+ returnCode=1
}
else
rm -f "${authorizedKeysDir}/${uname}"
@@ -154,5 +154,5 @@ for uname in $unames ; do
rm -rf "$TMPLOC"
done
-return $RETURN
+return $returnCode
}