From 2fea7c86ef761141f00145702568ea2e3b86cd6b Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Sun, 14 Sep 2008 20:50:00 -0400
Subject: documenting problems with the tarball generation process.
---
website/bugs/make-tarball-is-not-idempotent.mdwn | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 website/bugs/make-tarball-is-not-idempotent.mdwn
(limited to 'website/bugs')
diff --git a/website/bugs/make-tarball-is-not-idempotent.mdwn b/website/bugs/make-tarball-is-not-idempotent.mdwn
new file mode 100644
index 0000000..57012cb
--- /dev/null
+++ b/website/bugs/make-tarball-is-not-idempotent.mdwn
@@ -0,0 +1,12 @@
+[[ meta title="make tarball is not idempotent" ]]
+
+The current monkeysphere Makefile has a "tarball" target, which
+produces the "upstream tarball". Unfortunately, it is not idempotent.
+That is, if you run it twice in a row (without changing any other
+source), the second .orig.tar.gz file is bytewise different from the
+first.
+
+We should fix this so that the tarball generated is the same at least
+as long as no local file has been touched.
+
+--dkg
-- cgit v1.2.3
From ac01e1d823ae8eb4353a50e40e8c8bceeaff227d Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Sun, 14 Sep 2008 21:04:45 -0400
Subject: fixing titles in my recent bugs.
---
website/bugs/make-tarball-is-not-idempotent.mdwn | 2 +-
website/bugs/postinst-clobbers-gpg.conf-settings.mdwn | 2 +-
website/bugs/setup-subcommand-for-monkeysphere-server.mdwn | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'website/bugs')
diff --git a/website/bugs/make-tarball-is-not-idempotent.mdwn b/website/bugs/make-tarball-is-not-idempotent.mdwn
index 57012cb..03779c5 100644
--- a/website/bugs/make-tarball-is-not-idempotent.mdwn
+++ b/website/bugs/make-tarball-is-not-idempotent.mdwn
@@ -1,4 +1,4 @@ -[[ meta title="make tarball is not idempotent" ]] +[[meta title="make tarball is not idempotent" ]] The current monkeysphere Makefile has a "tarball" target, which produces the "upstream tarball". Unfortunately, it is not idempotent. diff --git a/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn b/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn index 8f518c1..e58b9c7 100644 --- a/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn +++ b/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn @@ -1,4 +1,4 @@ -[[ meta title="debian packaging postinst script clobbers gpg.conf settings in /var/lib/monkeysphere" ]] +[[meta title="debian packaging postinst script clobbers gpg.conf settings in /var/lib/monkeysphere" ]] Do we want to allow the system administrator to make adjustments to the `gpg.conf` config files found in `/var/lib/monkeysphere`? At the diff --git a/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn b/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn index 614e471..c491f8b 100644 --- a/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn +++ b/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn @@ -1,4 +1,4 @@ -[[ meta title="proposed new monkeysphere-server subcommand: setup" ]] +[[meta title="proposed new monkeysphere-server subcommand: setup" ]] What if everything that's done in the package post-installation scripts (aside from maybe the creation of the monkeysphere user -- cgit v1.2.3 From e98366cd478343b9c39ced4984874cd611ccb4ad Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor
Date: Sun, 14 Sep 2008 21:30:26 -0400
Subject: adding initial testsuite (totally unfinished!), bug report about genericizing filesystem locations.
---
tests/basic | 78 ++++++++++++++++++++++
...ericize-filesystem-locations-for-testsuite.mdwn | 28 ++++++++
2 files changed, 106 insertions(+)
create mode 100644 tests/basic
create mode 100644 website/bugs/genericize-filesystem-locations-for-testsuite.mdwn
(limited to 'website/bugs')
diff --git a/tests/basic b/tests/basic
new file mode 100644
index 0000000..7d354f9
--- /dev/null
+++ b/tests/basic
@@ -0,0 +1,78 @@
+#!/usr/bin/env bash
+
+# Tests to ensure that the monkeysphere is working
+
+# Author: Daniel Kahn Gillmor
+# Date: 2008-09-13 13:40:15-0400
+
+# these tests might be best run under fakeroot, particularly the
+# "server-side" tests. Using fakeroot, they should be able to be run
+# as a non-privileged user.
+
+# NOTE: these tests have *not* themselves been tested yet
+# (2008-09-13). Please exercise with caution!
+
+# these tests assume a commonly-trusted "Admin's key", a fake key
+# permanently stored in ./admin:
+
+gpgadmin() {
+ GNUPGHOME=./admin gpg "$@"
+}
+
+
+# cleanup:
+
+cleanup() {
+ rm -f ./ssh-socket
+
+ # FIXME: how should we clear out the temporary $VARLIB?
+
+ # FIXME: clear out ssh client config file and known hosts.
+}
+
+## set up some variables to ensure that we're operating strictly in
+## the tests, not system-wide:
+
+# FIXME: can we override $VARLIB ?
+# FIXME: can we override $ETC ?
+
+# Use the local copy of executables first, instead of system ones.
+# This should help us test without installing.
+export PATH=$(pwd)/../src:$(pwd)/../src/keytrans:$PATH
+export MONKEYSPHERE_SHARE=$(pwd)/../src
+
+# create a new host key, certify it with the "Admin's Key".
+
+echo | monkeysphere-server gen-key --expire 2d
+
+HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ )
+
+monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | gpgadmin --import
+
+gpgadmin --sign-key "$HOSTKEYID"
+
+# FIXME: how can we test publish-key without flooding junk into the
+# keyservers?
+
+# indicate that the "Admin's" key is an identity certifier for the
+# host
+
+monkeysphere-server add-identity-certifier ./admin/pubkey.gpg
+
+# launch sshd with the new host key.
+
+mkfifo ./ssh-socket
+
+sshd -f ./sshd_config -i <>./ssh-socket
+
+# connect to sample sshd host key, using monkeysphere to verify the
+# identity before connection.
+
+## FIXME: implement!
+
+# create a new client side key, certify it with the "CA", use it to
+# log in.
+
+## FIXME: implement!
+
+
diff --git a/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn b/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn
new file mode 100644
index 0000000..1d70313
--- /dev/null
+++ b/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn
@@ -0,0 +1,28 @@
+[[meta title="genericize all filesystem locations to enable test suite:" ]]
+
+I'm in the process of writing a testsuite for the monkeysphere so that
+we can verify that it actually performs all the basic expected duties
+properly.
+
+It occurs to me that lines like these:
+
+ ETC="/etc/monkeysphere"
+ VARLIB="/var/lib/monkeysphere"
+
+Actually make it very difficult to generically test the tool without
+it being installed system-wide.
+
+Is there any reason that we should not allow these directories to be
+overridden with environment variables in the same way that
+`/usr/share/monkeysphere/share` is handled?
+
+ SHARE=${MONKEYSPHERE_SHARE:-"/usr/share/monkeysphere"}
+
+I guess i'm proposing something like:
+
+ SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
+ SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
+
+Thoughts?
+
+--dkg
-- cgit v1.2.3
From 86d072e02c75f1c0e84d4f5c51c2e034fa84de21 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Sun, 14 Sep 2008 21:41:18 -0400
Subject: documenting trouble with two keyring arrangement.
---
.../problems-with-root-owned-gpg-keyrings.mdwn | 24 ++++++++++++++++++++++
1 file changed, 24 insertions(+)
create mode 100644 website/bugs/problems-with-root-owned-gpg-keyrings.mdwn
(limited to 'website/bugs')
diff --git a/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn b/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn
new file mode 100644
index 0000000..65268c5
--- /dev/null
+++ b/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn
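Review bot: In tests/basic, `monkeysphere-server gen-key` and `monkeysphere-server add-identity-certifier ./admin/pubkey.gpg` act on whatever state directories monkeysphere-server uses, and the two `FIXME: can we override $VARLIB/$ETC` comments say these cannot be redirected yet, so a run with real root privileges would presumably create a host key and install the fixture admin key as an identity certifier in the system-wide configuration. Until the locations are overridable, the script could refuse to run outside fakeroot near the top, e.g. `[ -n "$FAKEROOTKEY" ] || { echo "run under fakeroot" >&2; exit 1; }`. Separately, nothing checks command status or that `HOSTKEYID` is non-empty before it is interpolated into `--export $HOSTKEYID` and passed to `--sign-key`; an empty value would likely make the export cover every key in that keyring, which then gets imported into the admin keyring. Adding `set -e` after the shebang and `[ -n "$HOSTKEYID" ] || exit 1` after the assignment would stop the run before the admin key is applied to unintended input.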
@@ -0,0 +1,24 @@
+[[meta title="Problems with root-owned gpg keyrings"]]
+
+`/var/lib/monkeysphere/gnupg-host/` is root-owned, and the public
+keyring in that directory is controlled by the superuser.
+
+We currently expect the `monkeysphere` user to read from (but not
+write to) that keyring. But using a keyring in a directory that you
+don't control appears to trigger [a subtle bug in
+gpg](http://bugs.debian.org/361539) that has been unresolved for quite
+a long time.
+
+With some of the new error checking i'm doing in
+`monkeysphere-server`, typical operations that involve both keyrings
+as the non-privileged user can fail with an error message like:
+
+ gpg: failed to rebuild keyring cache: file open error
+
+Running the relevant operation a second time as the same user usually
+lets things go through without a failure, but this seems like it would
+be hiding a bug, rather than getting it fixed correctly.
+
+Are there other ways we can deal with this problem?
+
+--dkg
-- cgit v1.2.3