summaryrefslogtreecommitdiff
path: root/src/share/ma/setup
blob: 5960ab4bd9b58a4742d031d368ffc7eb3375946c (plain) 
    

  1. # -*-shell-script-*-
    2. 

  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
    3. 

  3. 

  4. # Monkeysphere authentication setup subcommand
    5. 

  5. #
    6. 

  6. # The monkeysphere scripts are written by:
    7. 

  7. # Jameson Rollins <jrollins@finestructure.net>
    8. 

  8. # Jamie McClelland <jm@mayfirst.org>
    9. 

  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    10. 

  10. #
    11. 

  11. # They are Copyright 2009, and are all released under the GPL,
    12. 

  12. # version 3 or later.
    13. 

  13. 

  14. setup() {
    15. 

  15.     # make all needed directories
    16. 

  16.     mkdir -p "${MADATADIR}"
    17. 

  17.     mkdir -p "${MATMPDIR}"
    18. 

  18.     mkdir -p "${GNUPGHOME_CORE}"
    19. 

  19.     chmod 700 "${GNUPGHOME_CORE}"
    20. 

  20.     mkdir -p "${GNUPGHOME_SPHERE}"
    21. 

  21.     chmod 700 "${GNUPGHOME_SPHERE}"
    22. 

  22.     mkdir -p "${MADATADIR}"/authorized_keys
    23. 

  23. 

  24.     # deliberately replace the config files via truncation
    25. 

  25.     # FIXME: should we be dumping to tmp files and then moving atomically?
    26. 

  26.     log debug "write core gpg.conf..."
    27. 

  27.     cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF
    28. 

  28. # Monkeysphere trust core GnuPG configuration
    29. 

  29. # This file is maintained by the Monkeysphere software.
    30. 

  30. # Edits will be overwritten.
    31. 

  31. no-greeting
    32. 

  32. list-options show-uid-validity
    33. 

  33. EOF
    34. 

  34. 

  35.     log debug "write sphere gpg.conf..."
    36. 

  36.     cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF
    37. 

  37. # Monkeysphere trust sphere GnuPG configuration
    38. 

  38. # This file is maintained by the Monkeysphere software.
    39. 

  39. # Edits will be overwritten.
    40. 

  40. no-greeting
    41. 

  41. primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg
    42. 

  42. list-options show-uid-validity
    43. 

  43. EOF
    44. 

  44. 

  45.     # make sure the monkeysphere user owns everything in the sphere
    46. 

  46.     # gnupghome
    47. 

  47.     log debuf "fix sphere gnupg home ownership..."
    48. 

  48.     chown -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
    49. 

  49.     chgrp -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
    50. 

  50. 

  51.     # get fingerprint of core key.  this should be empty on unconfigured systems.
    52. 

  52.     local CORE_FPR=$(core_fingerprint)
    53. 

  53.     log debug "core fingerprint: $CORE_FPR"
    54. 

  54. 

  55.     if [ -z "$CORE_FPR" ] ; then
    56. 

  56.     log info "setting up Monkeysphere authentication trust core..."
    57. 

  57. 

  58.     local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
    59. 

  59.     
    60. 

  60.     log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..."
    61. 

  61.     PEM2OPENPGP_USAGE_FLAGS=certify \
    62. 

  62.         PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \
    63. 

  63.         | gpg_core --import \
    64. 

  64.         || failure "Could not import new key for Monkeysphere authentication trust core"
    65. 

  65. 

  66.     # get fingerprint of core key.  should definitely not be empty at this point
    67. 

  67.     CORE_FPR=$(core_fingerprint)
    68. 

  68.     log debug "core fingerprint: $CORE_FPR"
    69. 

  69.     if [ -z "$CORE_FPR" ] ; then
    70. 

  70.         failure "Failed to create Monkeysphere authentication trust core!"
    71. 

  71.     fi
    72. 

  72.     
    73. 

  73.     else 
    74. 

  74.     log verbose "This system has already set up the Monkeysphere authentication trust core."
    75. 

  75.     fi
    76. 

  76. 

  77.     # export the core key to the sphere keyring
    78. 

  78.     log debug "export core pub key to sphere keyring..."
    79. 

  79.     gpg_core --export | gpg_sphere --import
    80. 

  80. 

  81.     # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
    82. 

  82.     log debug "set ultimate owner trust on core key in gpg_sphere..."
    83. 

  83.     printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust
    84. 

  84.     gpg_sphere --export-ownertrust | log debug
    85. 

  85. 

  86.     # check the owner trust
    87. 

  87.     log debug "check gpg_sphere owner trust set properly..."
    88. 

  88.     local ORIG_TRUST
    89. 

  89.     if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then
    90. 

  90.     if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
    91. 

  91.         failure "Monkeysphere authentication trust sphere should explicitly trust the core.  It does not have proper ownertrust settings."
    92. 

  92.     fi
    93. 

  93.     else
    94. 

  94.     failure "Could not get monkeysphere-authentication trust guidelines."
    95. 

  95.     fi
    96. 

  96. 

  97.     # ensure that we're using the extended trust model (1), and that
    98. 

  98.     # our preferences are reasonable (i.e. 3 marginal OR 1 fully
    99. 

  99.     # trusted certifications are sufficient to grant full validity.
    100. 

  100.     log debug "checking trust level of core key..."
    101. 

  101.     local TRUST_LEVEL=$(gpg_sphere --with-colons --fixed-list-mode --list-keys \
    102. 

  102.     | head -n1 | grep "^tru:" | cut -d: -f3,6,7)
    103. 

  103.     log debug "sphere trust level of core: $TRUST_LEVEL"
    104. 

  104.     if [ "$TRUST_LEVEL" != '1:3:1' ] ; then
    105. 

  105.     failure "monkeysphere-authentication does not have the expected trust model settings."
    106. 

  106.     fi
    107. 

  107. }
    108.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-03 07:05:40 +0000