summaryrefslogtreecommitdiff
path: root/src/share/ma/setup
AgeCommit message (Collapse)Author
2013-03-13Simplify arguments passed to su_monkeysphere_user() and gpg_sphereJonas Smedegaard
It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation. This patch improves argument passing like this: a) Each argument is passed individually (not all as a single string) b) Arguments containing no variables are not quoted c) Dynamic arguments are double-quoted ( "$@" ) Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@") arguments are collapsed into single strings, and this change is therefore mostly¹ cosmetic. It does improve clarity, however. Also, it eases switching to safer quoted arguments in the future. ¹ma/update_users had $STRICT_MODES properly dual-quoted line 82 which is dropped with this change (to keep patches simple). Next patch will restore proper quoting generally (i.e. including this one now relaxed).
2013-02-07added keyid-format 0xlong to monkeysphere-authentication default gpg.conf ↵Daniel Kahn Gillmor
files (thanks, Jonas!)
2010-11-13universalize and consolidate on --fixed-list-modeDaniel Kahn Gillmor
2010-10-06Fix more calls to gpg_shere, finishing what was started in ↵Jameson Rollins
90166e0bb8e4ebc1c1174d9bc2021c604b7a1bd7 There were another calls to gpg_sphere that were packing everything into a single argument. Since we fixed the need to do that, we fix all these other calls that were fixed in the first round.
2010-05-06support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵Daniel Kahn Gillmor
and mh (closes MS #2288)
2010-03-14enable use of hkps (closes: MS #1749)Daniel Kahn Gillmor
2009-12-12hush up m-a setup because the dd was making noiseDaniel Kahn Gillmor
2009-07-11explicitly set MONKEYSPHERE_GROUPJameson Graef Rollins
The monkeysphere group is now determined from the system "groups" command, and then MONKEYSPHERE_GROUP is explicitly set from this, and then used when setting group ownership.
2009-04-06replacing head -c with dd (for portability reasons, see #673)Daniel Kahn Gillmor
2009-03-02quieting down the transition script (and m-a setup).Daniel Kahn Gillmor
2009-03-01removed base64 invocation in favor of perl to reduce dependency spread.Daniel Kahn Gillmor
2009-02-19fix arg parsing in add_certifier to allow of - for stdin read.Jameson Graef Rollins
2009-02-19more fix permissions and ownership on authentication directories.Jameson Graef Rollins
2009-02-19fix permissions and ownership on authentication directories.Jameson Graef Rollins
2009-02-19avoid chown -R, explicitly indicate the files we expect to be changed.Daniel Kahn Gillmor
2009-02-19do not show uid validity for gpg authentication core, since the core has no ↵Daniel Kahn Gillmor
ultimate ownertrust
2009-02-19add some log debug redirectsJameson Graef Rollins
2009-02-19moved directory for monkeysphere-generated authorized_keys files back to its ↵Daniel Kahn Gillmor
old location at /var/lib/monkeysphere/authorized_keys
2009-02-18add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as ↵Jameson Graef Rollins
much gpg output as possible. then cleanup gpg invocations.
2009-02-17fix ma so that the setup command is folded into the other commands, soJameson Graef Rollins
it's never needed to be run manually, and can therefore be supressed in the usage/documentation. Also, add setup to the postinst script so that it's setup on installation. Also add pipefail to ma, and try to supress unnecessary gpg output, and redirect other to log debug.
2009-02-17add some checks about setup to authenticationJameson Graef Rollins
2009-02-12fix something that was resolved improperly in the previous merge.Jameson Graef Rollins
2009-02-12Merge commit 'dkg/master'Jameson Graef Rollins
Conflicts: src/share/ma/setup
2009-02-12fix some calls to gpg_sphere that where not putting all arguments into a ↵Jameson Graef Rollins
single argument, as required by the strange su requirements.
2009-02-12trust level != trust modelDaniel Kahn Gillmor
2009-02-12tweak some of the log output inconsequentiallyJameson Graef Rollins
2009-02-12no longer require the primary-keyring for the sphere gpg.conf now that we ↵Daniel Kahn Gillmor
use a single keyring
2009-02-12fix typoDaniel Kahn Gillmor
2009-02-12Fix the ma/setup function:Jameson Graef Rollins
- fix reference to MONKEYSPHERE_USER for GNUPGHOME_SPHERE - break out core_fingerprint function - export core key to sphere keyring (necessary) - fix some logging (add more debug) and formatting
2009-02-12fix reference to MONKEYSPHER_USER in ma/setupJameson Graef Rollins
2009-02-12clean up how trust level was check in ma/setup, with some debug outputJameson Graef Rollins
2009-02-05m-a setup: take advantage of the new ability of pem2openpgp to generate its ↵Daniel Kahn Gillmor
own key.
2009-02-02add ability to specify key length of core secret key, so the test scripts ↵Jameson Graef Rollins
can specify something smaller than the default.
2009-02-01add some log debug output to ma-setupJameson Graef Rollins
2009-02-01Fix a bug in setup where gpg was called instead of gpg_core. ThisJameson Graef Rollins
could have caused serious data loss for the running user. Should note to be carefull with this in the future. Also fix ownership on sphere gnupghome.
2009-02-01new function to export signatures from core to sphere keyrings. thisJameson Graef Rollins
is so that the sphere does not have to read the core pubring to get the certifier ltsigs, and we can therefore keep tighter permissions on the core keyring files. updated some comments/documentation as well.
2009-02-01fix a bunch of directory references to the new data/share dirsJameson Graef Rollins
2009-02-01some small tweaks, and one tiny syntax bug fix, to ma/setup, and someJameson Graef Rollins
small formating and comment changes to test/basic
2009-02-01trying to improve m-a setup; still not successfully tested.Daniel Kahn Gillmor
2009-02-01removed some unnecessary setup from the basic test, pulling the random ↵Daniel Kahn Gillmor
string from /dev/urandom; generating the authentication trust core key at 2048 bits
2009-02-01add m-a setup implementationDaniel Kahn Gillmor