Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-07-04 | add keys-for-user subcommand to monkeysphere-authentication | Jameson Rollins | |
This subcommand will output all valid key for a given user. The user's authorized_user_ids file will be read for OpenPGP user IDs, one per line. The ssh-formated RSA keys will be output to stdout. Also included is a simple script that takes the user as it's one argument and exec's this command. This is something that would be suitable for the proposed sshd AuthorizedKeysCommand. | |||
2010-05-06 | support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵ | Daniel Kahn Gillmor | |
and mh (closes MS #2288) | |||
2010-03-14 | enable use of hkps (closes: MS #1749) | Daniel Kahn Gillmor | |
2010-03-08 | fix my email address | Jameson Rollins | |
2010-01-18 | canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false' | Jameson Rollins | |
2010-01-10 | Clean up REQUIRED_KEY_CAPABILITY option passing to process_user_id. | Jameson Rollins | |
Get rid of 'MODE' stuff, since it was not very clear and wasn't really being used. | |||
2009-12-12 | hush up m-a setup because the dd was making noise | Daniel Kahn Gillmor | |
2009-07-26 | ensuring that STRICT_MODES gets passed through to the monkeysphere subshell ↵ | Daniel Kahn Gillmor | |
properly, and that we set it to a literal "false" in the tests. This should resolve the FTBFS associated with MS #659 | |||
2009-07-11 | Merge commit 'mlcastle/master' | Jameson Graef Rollins | |
2009-07-11 | more replacement of read -p with printf; read (re #446) | mike castleman | |
2009-07-11 | explicitly set MONKEYSPHERE_GROUP | Jameson Graef Rollins | |
The monkeysphere group is now determined from the system "groups" command, and then MONKEYSPHERE_GROUP is explicitly set from this, and then used when setting group ownership. | |||
2009-04-06 | Add two new compatibility functions: | Jameson Graef Rollins | |
- list_user to list all users on the system - get_homedir to return the path to a users home directory These functions should provide compatibility on linux, FreeBSD and Darwin systems. | |||
2009-04-06 | replacing head -c with dd (for portability reasons, see #673) | Daniel Kahn Gillmor | |
2009-03-22 | some more pruning of unnecessary usage of cat for the gnupg scripts. | Jameson Graef Rollins | |
2009-03-03 | quieted down m-a add_certifier: there is no reason why the admin should be ↵ | Daniel Kahn Gillmor | |
shown gpg noise. | |||
2009-03-02 | quieting down the transition script (and m-a setup). | Daniel Kahn Gillmor | |
2009-03-02 | get rid of FILE_OWNER variable, in favor of just using $(whoami) when | Jameson Graef Rollins | |
running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630. | |||
2009-03-01 | proposed fix for issue 630; since m-a u operates on a saved copy of the ↵ | Daniel Kahn Gillmor | |
users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user. | |||
2009-03-01 | switched $USER to $FILE_OWNER; new name is more semantically clear and less ↵ | Daniel Kahn Gillmor | |
likely to collide with other common uses of $USER. | |||
2009-03-01 | explicity set the USER variable, since it's needed for checking file ↵ | Jameson Graef Rollins | |
permissions. add/modify some debug messages. | |||
2009-03-01 | break out default variables into their own file: defaultenv | Jameson Graef Rollins | |
this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages. | |||
2009-03-01 | removed base64 invocation in favor of perl to reduce dependency spread. | Daniel Kahn Gillmor | |
2009-02-22 | egrep -q terminates at the first match. m-a list-identity-certifiers chokes ↵ | Daniel Kahn Gillmor | |
if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null | |||
2009-02-22 | really really fix m-a diagnostics checking of identity certifiers. | Daniel Kahn Gillmor | |
2009-02-22 | fix some return code setting stuf that was no longer being used, and change ↵ | Jameson Graef Rollins | |
name of return code variable in update_users, since all-caps variables should be reserved for global vars. | |||
2009-02-21 | reverse sense of test for valid identity certifiers in m-a diagnostics. | Daniel Kahn Gillmor | |
2009-02-21 | fix syntax error in m-a diagnostics. | Daniel Kahn Gillmor | |
2009-02-21 | fix output formatting for cases where multiple fingerprints are found, in ↵ | Jameson Graef Rollins | |
functions that are doing that sort of thing | |||
2009-02-21 | add tests to add_revoker and add_certifier that more than one key was not ↵ | Jameson Graef Rollins | |
found when adding by using key ID. | |||
2009-02-21 | make sure we're explicitly capturing return codes in places where they are ↵ | Jameson Graef Rollins | |
tested, in case things are being run set -e | |||
2009-02-20 | tweak/cleanup some of the prompts. | Jameson Graef Rollins | |
2009-02-20 | tuning some diagnostic text. | Daniel Kahn Gillmor | |
2009-02-20 | add_revoker fully working. also cleanup of add_certifier. | Jameson Graef Rollins | |
add_revoker and add_certifier to many similar procedures, so I'm trying to keep them in sync as I figure out the right way to handle things. | |||
2009-02-19 | Merge commit 'jrollins/master' | Daniel Kahn Gillmor | |
2009-02-19 | clean up the diagnostics functions, check for ID-Certifiers in m-a d | Daniel Kahn Gillmor | |
2009-02-19 | diagnostics should now check for cruft from old versions of the monkeysphere. | Daniel Kahn Gillmor | |
2009-02-19 | fix arg parsing in add_certifier to allow of - for stdin read. | Jameson Graef Rollins | |
2009-02-19 | Modify/cleanup add_certifier and add_revoker, so that their code base | Jameson Graef Rollins | |
is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key. | |||
2009-02-19 | more fix permissions and ownership on authentication directories. | Jameson Graef Rollins | |
2009-02-19 | fix permissions and ownership on authentication directories. | Jameson Graef Rollins | |
2009-02-19 | avoid chown -R, explicitly indicate the files we expect to be changed. | Daniel Kahn Gillmor | |
2009-02-19 | do not show uid validity for gpg authentication core, since the core has no ↵ | Daniel Kahn Gillmor | |
ultimate ownertrust | |||
2009-02-19 | add some log debug redirects | Jameson Graef Rollins | |
2009-02-19 | Merge commit 'dkg/master' | Jameson Graef Rollins | |
2009-02-19 | tweak some of the prompting, to change defaults, and add PROMPT usage where ↵ | Jameson Graef Rollins | |
missing | |||
2009-02-19 | made gpg_sphere use --quiet again, and now doing more explicit extraction of ↵ | Daniel Kahn Gillmor | |
key fingerprint during add-certifier from file. | |||
2009-02-19 | clean up failure message | Daniel Kahn Gillmor | |
2009-02-19 | catch pipe failures more cleanly during key import | Daniel Kahn Gillmor | |
2009-02-19 | moved directory for monkeysphere-generated authorized_keys files back to its ↵ | Daniel Kahn Gillmor | |
old location at /var/lib/monkeysphere/authorized_keys | |||
2009-02-18 | add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as ↵ | Jameson Graef Rollins | |
much gpg output as possible. then cleanup gpg invocations. |