From 7019354a75ca19ffd2e10f2e2b3dc89b480156bd Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Thu, 19 Jun 2008 18:09:41 -0400
Subject: Better handling of unknown users in server update-users.  Updated
 TODO file.

---
 doc/TODO                         | 21 +++------------------
 doc/george/user-id-configuration |  7 -------
 2 files changed, 3 insertions(+), 25 deletions(-)

(limited to 'doc')

diff --git a/doc/TODO b/doc/TODO
index 5cd9be9..a82f031 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -26,37 +26,22 @@ Streamline host key generation, publication, verification.  See
    doc/george/host-key-publication for what dkg went through on
    2008-06-19
 
-Streamline authorized_user_ids setup (including question of where
-   authorized_user_ids files should go).  See
-   doc/george/user-id-configuration for what dkg went through on
-   2008-06-19
-
 Ensure that authorized_user_ids are under as tight control as ssh
    expects from authorized_keys: we don't want monkeysphere to be a
    weak link in the filesystem.
 
-What happens when there are no entries in the authorized_user_ids file
-   for a user?  /var/cache/monkeysphere/authorized_keys/$USER.tmp
-   seems like it gets created and then left there.
-
 What happens when a user account has no corresponding
    /etc/monkeysphere/authorized_user_ids/$USER file?  What gets placed
    in /var/cache/monkeysphere/authorized_keys/$USER?  It looks
    currently untouched, which could mean bad things for such a user.
+   - if authorized_user_ids is empty, then the user's authorized_keys
+     file will be also, unless the user-controlled authorized_keys file
+     is added.  I believe this is expected, correct behavior.
 
 Consider the default permissions for
    /var/cache/monkeysphere/authorized_keys/* (and indeed the whole
    directory path leading up to that)
 
-What should happen when an admin does 
-   "monkeysphere-server update-users not_an_existent_user"?
-   currently, it adds
-   /etc/monkeysphere/authorized_user_ids/not_an_existent_user, which
-   seems rather wrong.
-
-is /var/cache/monkeysphere/authorized_keys/$USER.tmp guaranteed to
-   avoid collisions?  Why not use a real mktemp file?
-
 As an administrator, how do i reverse the effect of a
    "monkeysphere-server trust-keys" that i later decide i should not
    have run?
diff --git a/doc/george/user-id-configuration b/doc/george/user-id-configuration
index d42bfbd..9a7f4d2 100644
--- a/doc/george/user-id-configuration
+++ b/doc/george/user-id-configuration
@@ -33,13 +33,6 @@ and then modified /etc/ssh/sshd_config with:
 
 Some outstanding questions:
 
- * why are the authorized_user_ids stored in /etc/ and not in people's
-   home directories?
-
- * why are authorized_user_ids managed with a special sub-command of
-   monkeysphere-server, instead of just being hand-managed files, the
-   way that authorized_keys are in stock openssh?
-
  * Should we ship a scheduled monkeysphere-server update-users cron
    job automatically?
 
-- 
cgit v1.2.3