summaryrefslogtreecommitdiff
path: root/src/share/ma/setup
blob: 90f748e40d149cbea9bb546090ea4991b8ba1d79 (plain) 
    

  1. # -*-shell-script-*-
    2. 

  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
    3. 

  3. 

  4. # Monkeysphere authentication setup subcommand
    5. 

  5. #
    6. 

  6. # The monkeysphere scripts are written by:
    7. 

  7. # Jameson Rollins <jrollins@finestructure.net>
    8. 

  8. # Jamie McClelland <jm@mayfirst.org>
    9. 

  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    10. 

  10. #
    11. 

  11. # They are Copyright 2009, and are all released under the GPL,
    12. 

  12. # version 3 or later.
    13. 

  13. 

  14. setup() {
    15. 

  15.     # make all needed directories
    16. 

  16.     mkdir -p "${MADATADIR}"
    17. 

  17.     mkdir -p "${MATMPDIR}"
    18. 

  18.     mkdir -p "${GNUPGHOME_CORE}"
    19. 

  19.     chmod 700 "${GNUPGHOME_CORE}"
    20. 

  20.     mkdir -p "${GNUPGHOME_SPHERE}"
    21. 

  21.     chmod 700 "${GNUPGHOME_SPHERE}"
    22. 

  22.     mkdir -p "${MADATADIR}"/authorized_keys
    23. 

  23. 

  24.     # deliberately replace the config files via truncation
    25. 

  25.     # FIXME: should we be dumping to tmp files and then moving atomically?
    26. 

  26.     cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF
    27. 

  27. # Monkeysphere trust core GnuPG configuration
    28. 

  28. # This file is maintained by the Monkeysphere software.
    29. 

  29. # Edits will be overwritten.
    30. 

  30. no-greeting
    31. 

  31. list-options show-uid-validity
    32. 

  32. EOF
    33. 

  33.     
    34. 

  34.     cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF
    35. 

  35. # Monkeysphere trust sphere GnuPG configuration
    36. 

  36. # This file is maintained by the Monkeysphere software.
    37. 

  37. # Edits will be overwritten.
    38. 

  38. no-greeting
    39. 

  39. primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg
    40. 

  40. list-options show-uid-validity
    41. 

  41. EOF
    42. 

  42. 

  43.     # make sure the monkeysphere user owns everything in th sphere
    44. 

  44.     # gnupghome
    45. 

  45.     chown -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}"
    46. 

  46.     chgrp -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}"
    47. 

  47. 

  48.     # get fingerprint of core key.  this should be empty on unconfigured systems.
    49. 

  49.     local CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
    50. 

  50. 

  51.     if [ -z "$CORE_FPR" ] ; then
    52. 

  52.     log info "Setting up Monkeysphere authentication trust core..."
    53. 

  53. 

  54.     local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
    55. 

  55.     
    56. 

  56.     local TMPLOC=$(mktemp -d "${MATMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
    57. 

  57. 

  58.     # generate the key with ssh-keygen...
    59. 

  59.     log debug "generating ssh key..."
    60. 

  60.     ssh-keygen -q -b 1024 -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
    61. 

  61.     # and then translate to openpgp encoding and import
    62. 

  62.     # FIXME: pem2openpgp currently sets the A flag and a short
    63. 

  63.     # expiration date.  We should set the C flag and no expiration
    64. 

  64.     # date.
    65. 

  65.     log debug "converting ssh key to pgp key and importing into core..."
    66. 

  66.     < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg_core --import || failure "Could not import new key for Monkeysphere authentication trust core"
    67. 

  67. 

  68.     # get fingerprint of core key.  should definitely not be empty at this point
    69. 

  69.     log debug "get core key fingerprint..."
    70. 

  70.     CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
    71. 

  71.     if [ -z "$CORE_FPR" ] ; then
    72. 

  72.         failure "Failed to create Monkeysphere authentication trust core!"
    73. 

  73.     fi
    74. 

  74.     
    75. 

  75.     else 
    76. 

  76.     log verbose "This system has already set up the Monkeysphere authentication trust core."
    77. 

  77.     fi
    78. 

  78. 

  79. 

  80.     # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
    81. 

  81.     log debug "set ultimate owner trust on core key in gpg_sphere..."
    82. 

  82.     printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust
    83. 

  83.     local ORIG_TRUST
    84. 

  84.     log debug "check gpg_sphere owner trust set properly..."
    85. 

  85.     if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then
    86. 

  86.     if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
    87. 

  87.         failure "Monkeysphere authentication trust sphere should explicitly trust the core.  It does not have proper ownertrust settings."
    88. 

  88.     fi
    89. 

  89.     else
    90. 

  90.     failure "Could not get monkeysphere-authentication trust guidelines."
    91. 

  91.     fi
    92. 

  92. 

  93.     # ensure that we're using the extended trust model (1), and that
    94. 

  94.     # our preferences are reasonable (i.e. 3 marginal OR 1 fully
    95. 

  95.     # trusted certifications are sufficient to grant full validity.
    96. 

  96.     log debug "check trust level of core key..."
    97. 

  97.     if [ "1:3:1" != $(gpg_sphere --with-colons --fixed-list-mode --list-keys | head -n1 | grep ^tru: cut -f3,6,7 -d:) ] ; then
    98. 

  98.     failure "monkeysphere-authentication does not have the expected trust model settings."
    99. 

  99.     fi
    100. 

  100. }
    101.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-03 07:05:38 +0000