summaryrefslogtreecommitdiff
path: root/src/share/ma
AgeCommit message (Collapse)Author
2009-03-03quieted down m-a add_certifier: there is no reason why the admin should be ↵Daniel Kahn Gillmor
shown gpg noise.
2009-03-02quieting down the transition script (and m-a setup).Daniel Kahn Gillmor
2009-03-02get rid of FILE_OWNER variable, in favor of just using $(whoami) whenJameson Graef Rollins
running check_key_file_permissions in update_known_hosts, update_authorized_keys, and process_authorized_user_ids. this is fine, since the policy is just that a user is always updating their own files. closes monkeysphere bug #630.
2009-03-01proposed fix for issue 630; since m-a u operates on a saved copy of the ↵Daniel Kahn Gillmor
users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user.
2009-03-01switched $USER to $FILE_OWNER; new name is more semantically clear and less ↵Daniel Kahn Gillmor
likely to collide with other common uses of $USER.
2009-03-01explicity set the USER variable, since it's needed for checking file ↵Jameson Graef Rollins
permissions. add/modify some debug messages.
2009-03-01break out default variables into their own file: defaultenvJameson Graef Rollins
this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages.
2009-03-01removed base64 invocation in favor of perl to reduce dependency spread.Daniel Kahn Gillmor
2009-02-22egrep -q terminates at the first match. m-a list-identity-certifiers chokes ↵Daniel Kahn Gillmor
if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null
2009-02-22really really fix m-a diagnostics checking of identity certifiers.Daniel Kahn Gillmor
2009-02-22fix some return code setting stuf that was no longer being used, and change ↵Jameson Graef Rollins
name of return code variable in update_users, since all-caps variables should be reserved for global vars.
2009-02-21reverse sense of test for valid identity certifiers in m-a diagnostics.Daniel Kahn Gillmor
2009-02-21fix syntax error in m-a diagnostics.Daniel Kahn Gillmor
2009-02-21fix output formatting for cases where multiple fingerprints are found, in ↵Jameson Graef Rollins
functions that are doing that sort of thing
2009-02-21add tests to add_revoker and add_certifier that more than one key was not ↵Jameson Graef Rollins
found when adding by using key ID.
2009-02-21make sure we're explicitly capturing return codes in places where they are ↵Jameson Graef Rollins
tested, in case things are being run set -e
2009-02-20tweak/cleanup some of the prompts.Jameson Graef Rollins
2009-02-20tuning some diagnostic text.Daniel Kahn Gillmor
2009-02-20add_revoker fully working. also cleanup of add_certifier.Jameson Graef Rollins
add_revoker and add_certifier to many similar procedures, so I'm trying to keep them in sync as I figure out the right way to handle things.
2009-02-19Merge commit 'jrollins/master'Daniel Kahn Gillmor
2009-02-19clean up the diagnostics functions, check for ID-Certifiers in m-a dDaniel Kahn Gillmor
2009-02-19diagnostics should now check for cruft from old versions of the monkeysphere.Daniel Kahn Gillmor
2009-02-19fix arg parsing in add_certifier to allow of - for stdin read.Jameson Graef Rollins
2009-02-19Modify/cleanup add_certifier and add_revoker, so that their code baseJameson Graef Rollins
is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key.
2009-02-19more fix permissions and ownership on authentication directories.Jameson Graef Rollins
2009-02-19fix permissions and ownership on authentication directories.Jameson Graef Rollins
2009-02-19avoid chown -R, explicitly indicate the files we expect to be changed.Daniel Kahn Gillmor
2009-02-19do not show uid validity for gpg authentication core, since the core has no ↵Daniel Kahn Gillmor
ultimate ownertrust
2009-02-19add some log debug redirectsJameson Graef Rollins
2009-02-19Merge commit 'dkg/master'Jameson Graef Rollins
2009-02-19tweak some of the prompting, to change defaults, and add PROMPT usage where ↵Jameson Graef Rollins
missing
2009-02-19made gpg_sphere use --quiet again, and now doing more explicit extraction of ↵Daniel Kahn Gillmor
key fingerprint during add-certifier from file.
2009-02-19clean up failure messageDaniel Kahn Gillmor
2009-02-19catch pipe failures more cleanly during key importDaniel Kahn Gillmor
2009-02-19moved directory for monkeysphere-generated authorized_keys files back to its ↵Daniel Kahn Gillmor
old location at /var/lib/monkeysphere/authorized_keys
2009-02-18add no-tty, quiet, and no-greeting to gpg wrapper invocations to supress as ↵Jameson Graef Rollins
much gpg output as possible. then cleanup gpg invocations.
2009-02-18fix some log outputJameson Graef Rollins
2009-02-17Merge commit 'jrollins/master'Daniel Kahn Gillmor
2009-02-17make m-a list-certifiers more intelligible when multiple uids have ltsigs.Daniel Kahn Gillmor
2009-02-17fix ma so that the setup command is folded into the other commands, soJameson Graef Rollins
it's never needed to be run manually, and can therefore be supressed in the usage/documentation. Also, add setup to the postinst script so that it's setup on installation. Also add pipefail to ma, and try to supress unnecessary gpg output, and redirect other to log debug.
2009-02-17add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable,Jameson Graef Rollins
for functions that prompt for confirmation. Also fix publish_key function (NOT TESTED).
2009-02-17add some checks about setup to authenticationJameson Graef Rollins
2009-02-17update m-a list-identity-certifiers: output is not yet human-readable, but ↵Daniel Kahn Gillmor
it should be more accurate.
2009-02-17fix a couple of left over references to expertJameson Graef Rollins
2009-02-12fix something that was resolved improperly in the previous merge.Jameson Graef Rollins
2009-02-12Merge commit 'dkg/master'Jameson Graef Rollins
Conflicts: src/share/ma/setup
2009-02-12fix some calls to gpg_sphere that where not putting all arguments into a ↵Jameson Graef Rollins
single argument, as required by the strange su requirements.
2009-02-12trust level != trust modelDaniel Kahn Gillmor
2009-02-12tweak some of the log output inconsequentiallyJameson Graef Rollins
2009-02-12no longer require the primary-keyring for the sphere gpg.conf now that we ↵Daniel Kahn Gillmor
use a single keyring