summaryrefslogtreecommitdiff
path: root/src/monkeysphere-server
blob: dd85dcc7b3e630db544d5b50f78155e394443e1a (plain)
  1. #!/bin/bash
  2. # monkeysphere-server: MonkeySphere server admin tool
  3. #
  4. # The monkeysphere scripts are written by:
  5. # Jameson Rollins <jrollins@fifthhorseman.net>
  6. #
  7. # They are Copyright 2008, and are all released under the GPL, version 3
  8. # or later.
  9. ########################################################################
  10. PGRM=$(basename $0)
  11. SHARE=${MONKEYSPHERE_SHARE:="/usr/share/monkeysphere"}
  12. export SHARE
  13. . "${SHARE}/common" || exit 1
  14. VARLIB="/var/lib/monkeysphere"
  15. export VARLIB
  16. # date in UTF format if needed
  17. DATE=$(date -u '+%FT%T')
  18. # unset some environment variables that could screw things up
  19. unset GREP_OPTIONS
  20. # default return code
  21. RETURN=0
  22. ########################################################################
  23. # FUNCTIONS
  24. ########################################################################
  25. usage() {
  26. cat <<EOF
  27. usage: $PGRM <subcommand> [options] [args]
  28. MonkeySphere server admin tool.
  29. subcommands:
  30. update-users (u) [USER]... update user authorized_keys files
  31. gen-key (g) [NAME[:PORT]] generate gpg key for the server
  32. -l|--length BITS key length in bits (2048)
  33. -e|--expire EXPIRE date to expire
  34. -r|--revoker FINGERPRINT add a revoker
  35. add-hostname (n+) NAME[:PORT] add hostname user ID to server key
  36. revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
  37. show-key (s) output all server host key information
  38. fingerprint (f) output just the key fingerprint
  39. publish-key (p) publish server host key to keyserver
  40. diagnostics (d) report on server monkeysphere status
  41. add-id-certifier (c+) KEYID import and tsign a certification key
  42. -n|--domain DOMAIN limit ID certifications to DOMAIN
  43. -t|--trust TRUST trust level of certifier (full)
  44. -d|--depth DEPTH trust depth for certifier (1)
  45. remove-id-certifier (c-) KEYID remove a certification key
  46. list-id-certifiers (c) list certification keys
  47. gpg-authentication-cmd CMD gnupg-authentication command
  48. -h|--help|help (h,?) this help
  49. EOF
  50. }
  51. su_monkeysphere_user() {
  52. su --preserve-environment "$MONKEYSPHERE_USER" -- -c "$@"
  53. }
  54. # function to interact with the host gnupg keyring
  55. gpg_host() {
  56. local returnCode
  57. GNUPGHOME="$GNUPGHOME_HOST"
  58. export GNUPGHOME
  59. # NOTE: we supress this warning because we need the monkeysphere
  60. # user to be able to read the host pubring. we realize this might
  61. # be problematic, but it's the simplest solution, without too much
  62. # loss of security.
  63. gpg --no-permission-warning "$@"
  64. returnCode="$?"
  65. # always reset the permissions on the host pubring so that the
  66. # monkeysphere user can read the trust signatures
  67. chgrp "$MONKEYSPHERE_USER" "${GNUPGHOME_HOST}/pubring.gpg"
  68. chmod g+r "${GNUPGHOME_HOST}/pubring.gpg"
  69. return "$returnCode"
  70. }
  71. # function to interact with the authentication gnupg keyring
  72. # FIXME: this function requires basically accepts only a single
  73. # argument because of problems with quote expansion. this needs to be
  74. # fixed/improved.
  75. gpg_authentication() {
  76. GNUPGHOME="$GNUPGHOME_AUTHENTICATION"
  77. export GNUPGHOME
  78. su_monkeysphere_user "gpg $@"
  79. }
  80. # output key information
  81. show_server_key() {
  82. gpg_host --list-secret-keys --fingerprint
  83. }
  84. # output just key fingerprint
  85. fingerprint_server_key() {
  86. gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode | \
  87. grep '^fpr:' | head -1 | cut -d: -f10
  88. }
  89. # update authorized_keys for users
  90. update_users() {
  91. if [ "$1" ] ; then
  92. # get users from command line
  93. unames="$@"
  94. else
  95. # or just look at all users if none specified
  96. unames=$(getent passwd | cut -d: -f1)
  97. fi
  98. # set mode
  99. MODE="authorized_keys"
  100. # set gnupg home
  101. GNUPGHOME="$GNUPGHOME_AUTHENTICATION"
  102. # check to see if the gpg trust database has been initialized
  103. if [ ! -s "${GNUPGHOME}/trustdb.gpg" ] ; then
  104. failure "GNUPG trust database uninitialized. Please see MONKEYSPHERE-SERVER(8)."
  105. fi
  106. # make sure the authorized_keys directory exists
  107. mkdir -p "${VARLIB}/authorized_keys"
  108. # loop over users
  109. for uname in $unames ; do
  110. # check all specified users exist
  111. if ! getent passwd "$uname" >/dev/null ; then
  112. log "----- unknown user '$uname' -----"
  113. continue
  114. fi
  115. # set authorized_user_ids and raw authorized_keys variables,
  116. # translating ssh-style path variables
  117. authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
  118. rawAuthorizedKeys=$(translate_ssh_variables "$uname" "$RAW_AUTHORIZED_KEYS")
  119. # if neither is found, skip user
  120. if [ ! -s "$authorizedUserIDs" ] ; then
  121. if [ "$rawAuthorizedKeys" = '-' -o ! -s "$rawAuthorizedKeys" ] ; then
  122. continue
  123. fi
  124. fi
  125. log "----- user: $uname -----"
  126. # exit if the authorized_user_ids file is empty
  127. if ! check_key_file_permissions "$uname" "$AUTHORIZED_USER_IDS" ; then
  128. log "Improper permissions on authorized_user_ids file path."
  129. continue
  130. fi
  131. # check permissions on the authorized_keys file path
  132. if ! check_key_file_permissions "$uname" "$RAW_AUTHORIZED_KEYS" ; then
  133. log "Improper permissions on authorized_keys file path path."
  134. continue
  135. fi
  136. # make temporary directory
  137. TMPDIR=$(mktemp -d)
  138. # trap to delete temporary directory on exit
  139. trap "rm -rf $TMPDIR" EXIT
  140. # create temporary authorized_user_ids file
  141. TMP_AUTHORIZED_USER_IDS="${TMPDIR}/authorized_user_ids"
  142. touch "$TMP_AUTHORIZED_USER_IDS"
  143. # create temporary authorized_keys file
  144. AUTHORIZED_KEYS="${TMPDIR}/authorized_keys"
  145. touch "$AUTHORIZED_KEYS"
  146. # set restrictive permissions on the temporary files
  147. # FIXME: is there a better way to do this?
  148. chmod 0700 "$TMPDIR"
  149. chmod 0600 "$AUTHORIZED_KEYS"
  150. chmod 0600 "$TMP_AUTHORIZED_USER_IDS"
  151. chown -R "$MONKEYSPHERE_USER" "$TMPDIR"
  152. # if the authorized_user_ids file exists...
  153. if [ -s "$authorizedUserIDs" ] ; then
  154. # copy user authorized_user_ids file to temporary
  155. # location
  156. cat "$authorizedUserIDs" > "$TMP_AUTHORIZED_USER_IDS"
  157. # export needed variables
  158. export AUTHORIZED_KEYS
  159. export TMP_AUTHORIZED_USER_IDS
  160. # process authorized_user_ids file, as monkeysphere
  161. # user
  162. su_monkeysphere_user \
  163. ". ${SHARE}/common; process_authorized_user_ids $TMP_AUTHORIZED_USER_IDS"
  164. RETURN="$?"
  165. fi
  166. # add user-controlled authorized_keys file path if specified
  167. if [ "$rawAuthorizedKeys" != '-' -a -s "$rawAuthorizedKeys" ] ; then
  168. log -n "adding raw authorized_keys file... "
  169. cat "$rawAuthorizedKeys" >> "$AUTHORIZED_KEYS"
  170. loge "done."
  171. fi
  172. # openssh appears to check the contents of the
  173. # authorized_keys file as the user in question, so the
  174. # file must be readable by that user at least.
  175. # FIXME: is there a better way to do this?
  176. chown root "$AUTHORIZED_KEYS"
  177. chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS"
  178. chmod g+r "$AUTHORIZED_KEYS"
  179. # move the resulting authorized_keys file into place
  180. mv -f "$AUTHORIZED_KEYS" "${VARLIB}/authorized_keys/${uname}"
  181. # destroy temporary directory
  182. rm -rf "$TMPDIR"
  183. done
  184. }
  185. # generate server gpg key
  186. gen_key() {
  187. local keyType
  188. local keyLength
  189. local keyUsage
  190. local keyExpire
  191. local revoker
  192. local hostName
  193. local userID
  194. local keyParameters
  195. local fingerprint
  196. # set default key parameter values
  197. keyType="RSA"
  198. keyLength="2048"
  199. keyUsage="auth"
  200. keyExpire=
  201. revoker=
  202. # get options
  203. TEMP=$(getopt -o e:l:r -l expire:,length:,revoker: -n "$PGRM" -- "$@")
  204. if [ $? != 0 ] ; then
  205. exit 1
  206. fi
  207. # Note the quotes around `$TEMP': they are essential!
  208. eval set -- "$TEMP"
  209. while true ; do
  210. case "$1" in
  211. -l|--length)
  212. keyLength="$2"
  213. shift 2
  214. ;;
  215. -e|--expire)
  216. keyExpire="$2"
  217. shift 2
  218. ;;
  219. -r|--revoker)
  220. revoker="$2"
  221. shift 2
  222. ;;
  223. --)
  224. shift
  225. ;;
  226. *)
  227. break
  228. ;;
  229. esac
  230. done
  231. hostName=${1:-$(hostname --fqdn)}
  232. userID="ssh://${hostName}"
  233. # check for presense of key with user ID
  234. if gpg_host --list-key ="$userID" > /dev/null 2>&1 ; then
  235. failure "Key for '$userID' already exists"
  236. fi
  237. # prompt about key expiration if not specified
  238. if [ -z "$keyExpire" ] ; then
  239. cat <<EOF
  240. Please specify how long the key should be valid.
  241. 0 = key does not expire
  242. <n> = key expires in n days
  243. <n>w = key expires in n weeks
  244. <n>m = key expires in n months
  245. <n>y = key expires in n years
  246. EOF
  247. while [ -z "$keyExpire" ] ; do
  248. read -p "Key is valid for? (0) " keyExpire
  249. if ! test_gpg_expire ${keyExpire:=0} ; then
  250. echo "invalid value"
  251. unset keyExpire
  252. fi
  253. done
  254. elif ! test_gpg_expire "$keyExpire" ; then
  255. failure "invalid key expiration value '$keyExpire'."
  256. fi
  257. # set key parameters
  258. keyParameters=$(cat <<EOF
  259. Key-Type: $keyType
  260. Key-Length: $keyLength
  261. Key-Usage: $keyUsage
  262. Name-Real: $userID
  263. Expire-Date: $keyExpire
  264. EOF
  265. )
  266. # add the revoker field if specified
  267. # FIXME: the "1:" below assumes that $REVOKER's key is an RSA key.
  268. # FIXME: key is marked "sensitive"? is this appropriate?
  269. if [ "$revoker" ] ; then
  270. keyParameters="${keyParameters}"$(cat <<EOF
  271. Revoker: 1:$revoker sensitive
  272. EOF
  273. )
  274. fi
  275. echo "The following key parameters will be used for the host private key:"
  276. echo "$keyParameters"
  277. read -p "Generate key? (Y/n) " OK; OK=${OK:=Y}
  278. if [ ${OK/y/Y} != 'Y' ] ; then
  279. failure "aborting."
  280. fi
  281. # add commit command
  282. keyParameters="${keyParameters}"$(cat <<EOF
  283. %commit
  284. %echo done
  285. EOF
  286. )
  287. log "generating server key..."
  288. echo "$keyParameters" | gpg_host --batch --gen-key
  289. # output the server fingerprint
  290. fingerprint_server_key "=${userID}"
  291. # find the key fingerprint of the newly generated key
  292. fingerprint=$(fingerprint_server_key)
  293. # export host ownertrust to authentication keyring
  294. log "setting ultimate owner trust for server key..."
  295. echo "${fingerprint}:6:" | gpg_authentication "--import-ownertrust"
  296. # translate the private key to ssh format, and export to a file
  297. # for sshs usage.
  298. # NOTE: assumes that the primary key is the proper key to use
  299. (umask 077 && \
  300. gpg_host --export-secret-key "$fingerprint" | \
  301. openpgp2ssh "$fingerprint" > "${VARLIB}/ssh_host_rsa_key")
  302. log "Private SSH host key output to file: ${VARLIB}/ssh_host_rsa_key"
  303. }
  304. # add hostname user ID to server key
  305. add_hostname() {
  306. if [ -z "$1" ] ; then
  307. failure "You must specify a hostname to add."
  308. fi
  309. userID="ssh://${1}"
  310. if [ "$(gpg_host --list-key "=${userID}")" ] ; then
  311. failure "Host userID '$userID' already exists."
  312. fi
  313. fingerprint=$(fingerprint_server_key)
  314. adduidCommand=$(cat <<EOF
  315. adduid
  316. $userID
  317. O
  318. save
  319. EOF
  320. )
  321. # add uid
  322. echo "$adduidCommand" | gpg_host --quiet --command-fd 0 --edit-key "$fingerprint"
  323. echo "NOTE: new host userID has not been published."
  324. echo "Use '$PGRM publish-key' to publish these changes."
  325. }
  326. # revoke hostname user ID to server key
  327. revoke_hostname() {
  328. local msg
  329. local uidNum
  330. local tmpuidMatch
  331. local fpr
  332. local linenum
  333. if [ -z "$1" ] ; then
  334. failure "You must specify a hostname to revoke."
  335. fi
  336. fpr=$(fingerprint_server_key)
  337. tmpuidMatch="u:$(escape "ssh://$1")"
  338. if linenum=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x$fpr"\! | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F "$tmpuidMatch") ; then
  339. uidNum=${linenum%%:*}
  340. else
  341. failure "no non-revoked hostname '$1' is listed."
  342. fi
  343. msg="hostname removed by monkeysphere-server on $(date +%F)"
  344. revuidCommand=$(cat <<EOF
  345. $uidNum
  346. revuid
  347. y
  348. 4
  349. $msg
  350. y
  351. save
  352. EOF
  353. )
  354. echo "$revuidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x$fpr"\!
  355. echo "NOTE: host userID revokation has not been published."
  356. echo "Use '$PGRM publish-key' to publish these changes."
  357. }
  358. # publish server key to keyserver
  359. publish_server_key() {
  360. read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
  361. if [ ${OK/y/Y} != 'Y' ] ; then
  362. failure "aborting."
  363. fi
  364. # find the key fingerprint
  365. fingerprint=$(fingerprint_server_key)
  366. # publish host key
  367. gpg_authentication "--keyserver $KEYSERVER --send-keys $fingerprint"
  368. }
  369. diagnostics() {
  370. # * check on the status and validity of the key and public certificates
  371. local seckey
  372. local keysfound
  373. local curdate
  374. local warnwindow
  375. local warndate
  376. local create
  377. local expire
  378. local uid
  379. local fingerprint
  380. local badhostkeys
  381. seckey=$(fingerprint_server_key)
  382. keysfound=$(echo "$seckey" | grep -c ^sec:)
  383. curdate=$(date +%s)
  384. # warn when anything is 2 months away from expiration
  385. warnwindow='2 months'
  386. warndate=$(date +%s -d "$warnwindow")
  387. echo "Checking host GPG key..."
  388. if (( "$keysfound" < 1 )); then
  389. echo "! No host key found."
  390. echo " - Recommendation: run 'monkeysphere-server gen-key'"
  391. elif (( "$keysfound" > 1 )); then
  392. echo "! More than one host key found?"
  393. # FIXME: recommend a way to resolve this
  394. else
  395. create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:)
  396. expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
  397. fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:)
  398. # check for key expiration:
  399. if [ "$expire" ]; then
  400. if (( "$expire" < "$curdate" )); then
  401. echo "! Host key is expired."
  402. # FIXME: recommend a way to resolve this other than re-keying?
  403. elif (( "$expire" < "$warndate" )); then
  404. echo "! Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)
  405. # FIXME: recommend a way to resolve this?
  406. fi
  407. fi
  408. # and weirdnesses:
  409. if [ "$create" ] && (( "$create" > "$curdate" )); then
  410. echo "! Host key was created in the future(?!). Is your clock correct?"
  411. echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
  412. fi
  413. # check for UserID expiration:
  414. echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \
  415. while IFS=: read create expire uid ; do
  416. # FIXME: should we be doing any checking on the form
  417. # of the User ID? Should we be unmangling it somehow?
  418. if [ "$create" ] && (( "$create" > "$curdate" )); then
  419. echo "! User ID '$uid' was created in the future(?!). Is your clock correct?"
  420. echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
  421. fi
  422. if [ "$expire" ] ; then
  423. if (( "$expire" < "$curdate" )); then
  424. echo "! User ID '$uid' is expired."
  425. # FIXME: recommend a way to resolve this
  426. elif (( "$expire" < "$warndate" )); then
  427. echo "! User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)
  428. # FIXME: recommend a way to resolve this
  429. fi
  430. fi
  431. done
  432. # FIXME: verify that the host key is properly published to the
  433. # keyservers (do this with the non-privileged user)
  434. # FIXME: check that there are valid, non-expired certifying signatures
  435. # attached to the host key after fetching from the public keyserver
  436. # (do this with the non-privileged user as well)
  437. # FIXME: propose adding a revoker to the host key if none exist (do we
  438. # have a way to do that after key generation?)
  439. # Ensure that the ssh_host_rsa_key file is present and non-empty:
  440. echo "Checking host SSH key..."
  441. if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then
  442. echo "! The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty."
  443. else
  444. if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
  445. echo "! Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600."
  446. fi
  447. # propose changes needed for sshd_config (if any)
  448. if ! grep -q "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then
  449. echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)."
  450. echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'"
  451. fi
  452. if badhostkeys=$(grep -i '^HostKey' | grep -q -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then
  453. echo "! /etc/sshd_config refers to some non-monkeysphere host keys:"
  454. echo "$badhostkeys"
  455. echo " - Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config"
  456. fi
  457. fi
  458. fi
  459. # FIXME: look at the ownership/privileges of the various keyrings,
  460. # directories housing them, etc (what should those values be? can
  461. # we make them as minimal as possible?)
  462. # FIXME: look to see that the ownertrust rules are set properly on the
  463. # authentication keyring
  464. # FIXME: make sure that at least one identity certifier exists
  465. echo "Checking for MonkeySphere-enabled public-key authentication for users ..."
  466. # Ensure that User ID authentication is enabled:
  467. if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" /etc/ssh/sshd_config; then
  468. echo "! /etc/ssh/sshd_config does not point to monkeysphere authorized keys."
  469. echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'"
  470. fi
  471. if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' | grep -q -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then
  472. echo "! /etc/sshd_config refers to non-monkeysphere authorized_keys files:"
  473. echo "$badauthorizedkeys"
  474. echo " - Recommendation: remove the above AuthorizedKeysFile lines from /etc/ssh/sshd_config"
  475. fi
  476. }
  477. # retrieve key from web of trust, import it into the host keyring, and
  478. # ltsign the key in the host keyring so that it may certify other keys
  479. add_certifier() {
  480. local domain
  481. local trust
  482. local depth
  483. local keyID
  484. local fingerprint
  485. local ltsignCommand
  486. local trustval
  487. # set default values for trust depth and domain
  488. domain=
  489. trust=full
  490. depth=1
  491. # get options
  492. TEMP=$(getopt -o n:t:d: -l domain:,trust:,depth: -n "$PGRM" -- "$@")
  493. if [ $? != 0 ] ; then
  494. exit 1
  495. fi
  496. # Note the quotes around `$TEMP': they are essential!
  497. eval set -- "$TEMP"
  498. while true ; do
  499. case "$1" in
  500. -n|--domain)
  501. domain="$2"
  502. shift 2
  503. ;;
  504. -t|--trust)
  505. trust="$2"
  506. shift 2
  507. ;;
  508. -d|--depth)
  509. depth="$2"
  510. shift 2
  511. ;;
  512. --)
  513. shift
  514. ;;
  515. *)
  516. break
  517. ;;
  518. esac
  519. done
  520. keyID="$1"
  521. if [ -z "$keyID" ] ; then
  522. failure "You must specify the key ID of a key to add."
  523. fi
  524. export keyID
  525. # get the key from the key server
  526. gpg_authentication "--keyserver $KEYSERVER --recv-key '$keyID'"
  527. # get the full fingerprint of a key ID
  528. fingerprint=$(gpg_authentication "--list-key --with-colons --with-fingerprint $keyID" | \
  529. grep '^fpr:' | grep "$keyID" | cut -d: -f10)
  530. echo "key found:"
  531. gpg_authentication "--fingerprint $fingerprint"
  532. echo "Are you sure you want to add this key as a certifier of"
  533. read -p "users on this system? (y/N) " OK; OK=${OK:-N}
  534. if [ "${OK/y/Y}" != 'Y' ] ; then
  535. failure "aborting."
  536. fi
  537. # export the key to the host keyring
  538. gpg_authentication "--export $keyID" | gpg_host --import
  539. if [ "$trust" == marginal ]; then
  540. trustval=1
  541. elif [ "$trust" == full ]; then
  542. trustval=2
  543. else
  544. failure "trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)"
  545. fi
  546. # ltsign command
  547. # NOTE: *all* user IDs will be ltsigned
  548. ltsignCommand=$(cat <<EOF
  549. ltsign
  550. y
  551. $trustval
  552. $depth
  553. $domain
  554. y
  555. save
  556. EOF
  557. )
  558. # ltsign the key
  559. echo "$ltsignCommand" | gpg_host --quiet --command-fd 0 --edit-key "$fingerprint"
  560. # update the trustdb for the authentication keyring
  561. gpg_authentication "--check-trustdb"
  562. }
  563. # delete a certifiers key from the host keyring
  564. remove_certifier() {
  565. local keyID
  566. local fingerprint
  567. keyID="$1"
  568. if [ -z "$keyID" ] ; then
  569. failure "You must specify the key ID of a key to remove."
  570. fi
  571. # delete the requested key (with prompting)
  572. gpg_host --delete-key "$keyID"
  573. # update the trustdb for the authentication keyring
  574. gpg_authentication "--check-trustdb"
  575. }
  576. # list the host certifiers
  577. list_certifiers() {
  578. gpg_host --list-keys
  579. }
  580. # issue command to gpg-authentication keyring
  581. gpg_authentication_cmd() {
  582. gpg_authentication "$@"
  583. }
  584. ########################################################################
  585. # MAIN
  586. ########################################################################
  587. # unset variables that should be defined only in config file
  588. unset KEYSERVER
  589. unset AUTHORIZED_USER_IDS
  590. unset RAW_AUTHORIZED_KEYS
  591. unset MONKEYSPHERE_USER
  592. # load configuration file
  593. [ -e ${MONKEYSPHERE_SERVER_CONFIG:="${ETC}/monkeysphere-server.conf"} ] && . "$MONKEYSPHERE_SERVER_CONFIG"
  594. # set empty config variable with ones from the environment, or with
  595. # defaults
  596. KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="subkeys.pgp.net"}}
  597. AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.config/monkeysphere/authorized_user_ids"}}
  598. RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
  599. MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
  600. # other variables
  601. CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
  602. REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
  603. GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${VARLIB}/gnupg-host"}
  604. GNUPGHOME_AUTHENTICATION=${MONKEYSPHERE_GNUPGHOME_AUTHENTICATION:="${VARLIB}/gnupg-authentication"}
  605. # export variables needed in su invocation
  606. export DATE
  607. export MODE
  608. export MONKEYSPHERE_USER
  609. export KEYSERVER
  610. export CHECK_KEYSERVER
  611. export REQUIRED_USER_KEY_CAPABILITY
  612. export GNUPGHOME_HOST
  613. export GNUPGHOME_AUTHENTICATION
  614. export GNUPGHOME
  615. # get subcommand
  616. COMMAND="$1"
  617. [ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
  618. shift
  619. case $COMMAND in
  620. 'update-users'|'update-user'|'u')
  621. update_users "$@"
  622. ;;
  623. 'gen-key'|'g')
  624. gen_key "$@"
  625. ;;
  626. 'add-hostname'|'add-name'|'n+')
  627. add_hostname "$@"
  628. ;;
  629. 'revoke-hostname'|'revoke-name'|'n-')
  630. revoke_hostname "$@"
  631. ;;
  632. 'show-key'|'show'|'s')
  633. show_server_key
  634. ;;
  635. 'show-fingerprint'|'fingerprint'|'f')
  636. fingerprint_server_key
  637. ;;
  638. 'publish-key'|'publish'|'p')
  639. publish_server_key
  640. ;;
  641. 'diagnostics'|'d')
  642. diagnostics
  643. ;;
  644. 'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+')
  645. add_certifier "$@"
  646. ;;
  647. 'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-')
  648. remove_certifier "$@"
  649. ;;
  650. 'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c')
  651. list_certifiers "$@"
  652. ;;
  653. 'gpg-authentication-cmd')
  654. gpg_authentication_cmd "$@"
  655. ;;
  656. '--help'|'help'|'-h'|'h'|'?')
  657. usage
  658. ;;
  659. *)
  660. failure "Unknown command: '$COMMAND'
  661. Type '$PGRM help' for usage."
  662. ;;
  663. esac
  664. exit "$RETURN"