summaryrefslogtreecommitdiff
path: root/src/share/ma/setup
blob: e65f875a233a6d0dcec4764286b618fd061c6ccd (plain) 
    

  1. # -*-shell-script-*-
    2. 

  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
    3. 

  3. 

  4. # Monkeysphere authentication setup subcommand
    5. 

  5. #
    6. 

  6. # The monkeysphere scripts are written by:
    7. 

  7. # Jameson Rollins <jrollins@finestructure.net>
    8. 

  8. # Jamie McClelland <jm@mayfirst.org>
    9. 

  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    10. 

  10. #
    11. 

  11. # They are Copyright 2009, and are all released under the GPL,
    12. 

  12. # version 3 or later.
    13. 

  13. 

  14. setup() {
    15. 

  15.     # make all needed directories
    16. 

  16.     log debug "checking authentication directory structure..."
    17. 

  17.     mkdir -p "${MADATADIR}"
    18. 

  18.     chmod 0750 "${MADATADIR}"
    19. 

  19.     chgrp "$MONKEYSPHERE_GROUP" "${MADATADIR}"
    20. 

  20.     mkdir -p "${MATMPDIR}"
    21. 

  21.     chmod 0750 "${MATMPDIR}"
    22. 

  22.     chgrp "$MONKEYSPHERE_GROUP" "${MATMPDIR}"
    23. 

  23.     mkdir -p "${GNUPGHOME_CORE}"
    24. 

  24.     chmod 0700 "${GNUPGHOME_CORE}"
    25. 

  25.     mkdir -p "${GNUPGHOME_SPHERE}"
    26. 

  26.     chmod 0700 "${GNUPGHOME_SPHERE}"
    27. 

  27.     mkdir -p "${SYSDATADIR}"/authorized_keys
    28. 

  28. 

  29.     # deliberately replace the config files via truncation
    30. 

  30.     # FIXME: should we be dumping to tmp files and then moving atomically?
    31. 

  31.     log debug "writing core gpg.conf..."
    32. 

  32.     cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF
    33. 

  33. # Monkeysphere trust core GnuPG configuration
    34. 

  34. # This file is maintained by the Monkeysphere software.
    35. 

  35. # Edits will be overwritten.
    36. 

  36. no-greeting
    37. 

  37. keyid-format 0xlong
    38. 

  38. EOF
    39. 

  39. 

  40.     KEYSERVER_OPTIONS=""
    41. 

  41.     for anchorfile in "${SYSCONFIGDIR}/monkeysphere-authentication-x509-anchors.crt" "${SYSCONFIGDIR}/monkeysphere-x509-anchors.crt"; do
    42. 

  42.         if [ -z "$KEYSERVER_OPTIONS" ] && [ -r "$anchorfile" ] ; then
    43. 

  43.             KEYSERVER_OPTIONS="keyserver-options ca-cert-file=$anchorfile"
    44. 

  44.             log debug "using $anchorfile for keyserver X.509 anchor"
    45. 

  45.         fi
    46. 

  46.     done
    47. 

  47. 

  48.     log debug "writing sphere gpg.conf..."
    49. 

  49.     cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF
    50. 

  50. # Monkeysphere trust sphere GnuPG configuration
    51. 

  51. # This file is maintained by the Monkeysphere software.
    52. 

  52. # Edits will be overwritten.
    53. 

  53. no-greeting
    54. 

  54. list-options show-uid-validity
    55. 

  55. keyid-format 0xlong
    56. 

  56. ${KEYSERVER_OPTIONS}
    57. 

  57. EOF
    58. 

  58. 

  59.     # make sure the monkeysphere user owns everything in the sphere
    60. 

  60.     # gnupghome
    61. 

  61.     log debug "fixing sphere gnupg home ownership..."
    62. 

  62.     chown "$MONKEYSPHERE_USER:$MONKEYSPHERE_GROUP" "${GNUPGHOME_SPHERE}" "${GNUPGHOME_SPHERE}"/gpg.conf
    63. 

  63. 

  64.     # get fingerprint of core key.  this should be empty on unconfigured systems.
    65. 

  65.     local CORE_FPR=$(core_fingerprint)
    66. 

  66.     log debug "core fingerprint: $CORE_FPR"
    67. 

  67. 

  68.     if [ -z "$CORE_FPR" ] ; then
    69. 

  69.     log info "setting up Monkeysphere authentication trust core..."
    70. 

  70. 

  71.     local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(dd if=/dev/urandom bs=21 count=1 2>/dev/null | perl -MMIME::Base64 -ne 'print encode_base64($_)'))
    72. 

  72.     
    73. 

  73.     printf "generating monkeysphere authentication trust core key:\nsize: %d bits\nuid: '%s'\n" "$CORE_KEYLENGTH" "$CORE_UID" | log debug
    74. 

  74.     PEM2OPENPGP_USAGE_FLAGS=certify \
    75. 

  75.         PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \
    76. 

  76.         | gpg_core --import \
    77. 

  77.         || failure "Could not import new key for Monkeysphere authentication trust core"
    78. 

  78. 

  79.     # get fingerprint of core key.  should definitely not be empty at this point
    80. 

  80.     CORE_FPR=$(core_fingerprint)
    81. 

  81.     log debug "core fingerprint: $CORE_FPR"
    82. 

  82.     if [ -z "$CORE_FPR" ] ; then
    83. 

  83.         failure "Failed to create Monkeysphere authentication trust core!"
    84. 

  84.     fi
    85. 

  85.     
    86. 

  86.     else 
    87. 

  87.     log verbose "Monkeysphere authentication trust core already exists."
    88. 

  88.     fi
    89. 

  89. 

  90.     # export the core key to the sphere keyring
    91. 

  91.     log debug "exporting core pub key to sphere keyring..."
    92. 

  92.     gpg_core --export | gpg_sphere --import
    93. 

  93. 

  94.     # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
    95. 

  95.     log debug "setting ultimate owner trust on core key in gpg_sphere..."
    96. 

  96.     printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust 2>&1 | log verbose
    97. 

  97.     gpg_sphere --export-ownertrust 2>&1 | log debug
    98. 

  98. 

  99.     # check the owner trust
    100. 

  100.     log debug "checking gpg_sphere owner trust set properly..."
    101. 

  101.     local ORIG_TRUST
    102. 

  102.     if ORIG_TRUST=$(gpg_sphere "--export-ownertrust" | grep '^[^#]') ; then
    103. 

  103.     if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
    104. 

  104.         failure "Monkeysphere authentication trust sphere should explicitly trust the core.  It does not have proper ownertrust settings."
    105. 

  105.     fi
    106. 

  106.     else
    107. 

  107.     failure "Could not get monkeysphere-authentication trust guidelines."
    108. 

  108.     # FIXME: what does this mean?  should we suggest how to fix?
    109. 

  109.     fi
    110. 

  110. 

  111.     # ensure that we're using the extended trust model (1), and that
    112. 

  112.     # our preferences are reasonable (i.e. 3 marginal OR 1 fully
    113. 

  113.     # trusted certifications are sufficient to grant full validity.
    114. 

  114.     log debug "checking trust model for authentication ..."
    115. 

  115.     local TRUST_MODEL=$(gpg_sphere "--with-colons --list-keys" 2>/dev/null \
    116. 

  116.     | head -n1 | grep "^tru:" | cut -d: -f3,6,7)
    117. 

  117.     log debug "sphere trust model: $TRUST_MODEL"
    118. 

  118.     if [ "$TRUST_MODEL" != '1:3:1' ] ; then
    119. 

  119.     failure "monkeysphere-authentication does not have the expected trust model settings."
    120. 

  120.     # FIXME: what does this mean?  should we suggest how to fix?
    121. 

  121.     fi
    122. 

  122. }
    123.
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-27 19:13:45 +0000