From 848f2e10f0ec24c8cbc12277948159312b4b71c2 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sat, 31 Jan 2009 16:59:03 -0500 Subject: Remove the test for the root user, effectively reverting part of 691e5d2ec8efeb4d77b17b1ad852fdbec31ce136 --- src/monkeysphere-server | 36 ++++++------------------------------ 1 file changed, 6 insertions(+), 30 deletions(-) (limited to 'src') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 96f5b56..2531437 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -126,16 +126,6 @@ gpg_authentication() { su_monkeysphere_user "gpg $@" } -# check if user is root -is_root() { - [ $(id -u 2>/dev/null) = '0' ] -} - -# check that user is root, for functions that require root access -check_user() { - is_root || failure "You must be root to run this command." -} - # output just key fingerprint fingerprint_server_key() { # set the pipefail option so functions fails if can't read sec key @@ -159,14 +149,14 @@ show_server_key() { local ret=0 # FIXME: you shouldn't have to be root to see the host key fingerprint - if is_root ; then - check_host_keyring - fingerprintPGP=$(fingerprint_server_key) - gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprintPGP" 2>/dev/null - echo "OpenPGP fingerprint: $fingerprintPGP" - else + check_host_keyring + fingerprintPGP=$(fingerprint_server_key) + gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprintPGP" 2>/dev/null + if [ $? -ne 0 ] ; then log info "You must be root to see host OpenPGP fingerprint." ret='1' + else + echo "OpenPGP fingerprint: $fingerprintPGP" fi if [ -f "${SYSDATADIR}/ssh_host_rsa_key.pub" ] ; then @@ -1094,47 +1084,39 @@ shift case $COMMAND in 'update-users'|'update-user'|'u') - check_user check_host_keyring update_users "$@" ;; 'import-key'|'i') - check_user import_key "$@" ;; 'gen-key'|'g') - check_user gen_key "$@" ;; 'extend-key'|'e') - check_user check_host_keyring extend_key "$@" ;; 'add-hostname'|'add-name'|'n+') - check_user check_host_keyring add_hostname "$@" ;; 'revoke-hostname'|'revoke-name'|'n-') - check_user check_host_keyring revoke_hostname "$@" ;; 'add-revoker'|'o') - check_user check_host_keyring add_revoker "$@" ;; 'revoke-key'|'r') - check_user check_host_keyring revoke_key "$@" ;; @@ -1144,36 +1126,30 @@ case $COMMAND in ;; 'publish-key'|'publish'|'p') - check_user check_host_keyring publish_server_key ;; 'diagnostics'|'d') - check_user diagnostics ;; 'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+') - check_user check_host_keyring add_certifier "$@" ;; 'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-') - check_user check_host_keyring remove_certifier "$@" ;; 'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c') - check_user check_host_keyring list_certifiers "$@" ;; 'gpg-authentication-cmd') - check_user gpg_authentication_cmd "$@" ;; -- cgit v1.2.3 From aaa834da0f1eb3ea52aabc9809dfe3510a159797 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sat, 31 Jan 2009 17:27:18 -0500 Subject: resyn implementation of m-s gen-key with the help output --- src/monkeysphere-server | 5 +---- tests/basic | 5 ++--- 2 files changed, 3 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 2531437..3caa63d 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -406,10 +406,6 @@ gen_key() { # get options while true ; do case "$1" in - -h|--hostname) - hostName="$2" - shift 2 - ;; -l|--length) keyLength="$2" shift 2 @@ -427,6 +423,7 @@ gen_key() { failure "Unknown option '$1'. Type '$PGRM help' for usage." fi + hostName="$1" break ;; esac diff --git a/tests/basic b/tests/basic index 5ba7a25..7fdca39 100755 --- a/tests/basic +++ b/tests/basic @@ -8,8 +8,7 @@ # Copyright: 2008 # License: GPL v3 or later -# these tests should all be able to -# as a non-privileged user. +# these tests should all be able to run as a non-privileged user. # all subcommands in this script should complete without failure: set -e @@ -193,7 +192,7 @@ echo | monkeysphere-server gen-key --length 1024 --expire 0 testhost # remove the gpg.conf rm "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf -HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ ) +HOSTKEYID=$( monkeysphere-server show-key | grep '^OpenPGP fingerprint: ' | cut -f3 -d\ ) # certify it with the "Admin's Key". # (this would normally be done via keyservers) -- cgit v1.2.3