Age | Commit message (Collapse) | Author |
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
This patch improves argument passing like this:
a) Each argument is passed individually (not all as a single string)
b) Arguments containing no variables are not quoted
c) Dynamic arguments are double-quoted ( "$@" )
Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@")
arguments are collapsed into single strings, and this change is
therefore mostly¹ cosmetic.
It does improve clarity, however. Also, it eases switching to safer
quoted arguments in the future.
¹ma/update_users had $STRICT_MODES properly dual-quoted line 82 which is
dropped with this change (to keep patches simple). Next patch will
restore proper quoting generally (i.e. including this one now relaxed).
|
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
more than a single command is wrapped together.
This patch simplifies convoluted shell calls to contain only one command
each.
Example:
before: bash -c ". .../common; process_authorized_user_ids -"
after: bash -c ".../common process_authorized_user_ids -"
|
|
|
|
This rework removes any assumption that monkeysphere-host is just
managing a single host key, or that the keys are used specifically for
ssh. The UI is exactly backwards compatible except that hostnames
('example.com') must be replaced by full service names
('ssh://example.com'). This incarnation passes the old tests with
those changes only.
There are a couple of things that still need to be done:
- need to see if a transition script is needed (some local file names
have changed)
- need to fill in check_service_name function to verify that a
specified service name fits the expected format.
- update diagnostics appropriately
|
|
|
|
|
|
The monkeysphere group is now determined from the system "groups"
command, and then MONKEYSPHERE_GROUP is explicitly set from this, and
then used when setting group ownership.
|
|
|
|
|
|
functions that are doing that sort of thing
|
|
found when adding by using key ID.
|
|
|
|
add_revoker, to avoid any confusion about having GNUPGHOME as a tempdir exported to the environment.
|
|
|
|
add_revoker and add_certifier to many similar procedures, so I'm
trying to keep them in sync as I figure out the right way to handle
things.
|
|
|
|
is more similar, and so that they can read keys from stdin instead of
just from a file. Also fix the permissions on the tempdir in
publish_key.
|
|
missing
|
|
MHTMPDIR, since it's not needed.
|
|
much gpg output as possible. then cleanup gpg invocations.
|
|
for functions that prompt for confirmation. Also fix publish_key
function (NOT TESTED).
|
|
every function that alters the host keyring, so that all changes will
show up in exported pub key file, and in show-key.
|
|
|
|
|
|
fix some logging output
|
|
and tested, though, so it's not "active" yet.
|
|
Makefile as well)
|