diff options
Diffstat (limited to 'src/share/ma')
-rw-r--r-- | src/share/ma/add_certifier | 5 | ||||
-rw-r--r-- | src/share/ma/list_certifiers | 1 | ||||
-rw-r--r-- | src/share/ma/remove_certifier | 2 | ||||
-rw-r--r-- | src/share/ma/setup | 12 |
4 files changed, 8 insertions, 12 deletions
diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index d34f0de..2f29759 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -151,15 +151,14 @@ EOF # core ltsigns the newly imported certifier key log debug "executing core ltsign script..." if echo "$ltsignCommand" | \ - gpg_core --quiet --command-fd 0 --no-tty --edit-key "0x${fingerprint}!" \ - 2>&1 | log debug ; then + gpg_core --command-fd 0 --edit-key "0x${fingerprint}!" ; then # transfer the new sigs back to the sphere keyring gpg_core_sphere_sig_transfer # update the sphere trustdb log debug "updating sphere trustdb..." - gpg_sphere "--check-trustdb" 2>&1 | log debug + gpg_sphere "--check-trustdb" log info "Identity certifier added." else diff --git a/src/share/ma/list_certifiers b/src/share/ma/list_certifiers index a02487d..38a3222 100644 --- a/src/share/ma/list_certifiers +++ b/src/share/ma/list_certifiers @@ -86,5 +86,4 @@ gpg_sphere "--fingerprint --with-colons --fixed-list-mode --check-sigs" | \ esac done - } diff --git a/src/share/ma/remove_certifier b/src/share/ma/remove_certifier index 8271ae0..10aa67b 100644 --- a/src/share/ma/remove_certifier +++ b/src/share/ma/remove_certifier @@ -36,7 +36,6 @@ else fi # delete the requested key from the sphere keyring -# FIXME: should this be a revokation instead of a removal? if gpg_sphere "--delete-key --batch --yes 0x${keyID}!" ; then # delete key from core keyring as well gpg_core --delete-key --batch --yes "0x${keyID}!" @@ -44,7 +43,6 @@ if gpg_sphere "--delete-key --batch --yes 0x${keyID}!" ; then # update the trustdb for the authentication keyring gpg_sphere "--check-trustdb" - log info "" log info "Identity certifier removed." else failure "Problem removing identity certifier." diff --git a/src/share/ma/setup b/src/share/ma/setup index a17e4f2..6969d71 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -59,7 +59,7 @@ EOF log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..." PEM2OPENPGP_USAGE_FLAGS=certify \ PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \ - | gpg_core --import 2>&1 | log debug \ + | gpg_core --import \ || failure "Could not import new key for Monkeysphere authentication trust core" # get fingerprint of core key. should definitely not be empty at this point @@ -75,17 +75,17 @@ EOF # export the core key to the sphere keyring log debug "exporting core pub key to sphere keyring..." - gpg_core --quiet --export | gpg_sphere "--quiet --import" + gpg_core --export | gpg_sphere "--import" # ensure that the authentication sphere checker has absolute ownertrust on the expected key. log debug "setting ultimate owner trust on core key in gpg_sphere..." - printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--quiet --import-ownertrust" - gpg_sphere "--export-ownertrust" 2>&1 | log debug + printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust" + gpg_sphere "--export-ownertrust" # check the owner trust log debug "checking gpg_sphere owner trust set properly..." local ORIG_TRUST - if ORIG_TRUST=$(gpg_sphere "--quiet --export-ownertrust" | grep '^[^#]') ; then + if ORIG_TRUST=$(gpg_sphere "--export-ownertrust" | grep '^[^#]') ; then if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings." fi @@ -98,7 +98,7 @@ EOF # our preferences are reasonable (i.e. 3 marginal OR 1 fully # trusted certifications are sufficient to grant full validity. log debug "checking trust model for authentication ..." - local TRUST_MODEL=$(gpg_sphere "--quiet --with-colons --fixed-list-mode --list-keys" \ + local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \ | head -n1 | grep "^tru:" | cut -d: -f3,6,7) log debug "sphere trust model: $TRUST_MODEL" if [ "$TRUST_MODEL" != '1:3:1' ] ; then |