2 # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
4 # Monkeysphere host revoke-hostname subcommand
6 # The monkeysphere scripts are written by:
7 # Jameson Rollins <jrollins@finestructure.net>
8 # Jamie McClelland <jm@mayfirst.org>
9 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
11 # They are Copyright 2008-2009, and are all released under the GPL,
14 # revoke hostname user ID from host key
26 failure "You must specify a hostname to revoke."
31 # make sure the user ID to revoke
32 find_host_userid "$userID" || \
33 failure "No non-revoked user ID found matching '$userID'."
35 if [ "$PROMPT" = "true" ] ; then
36 printf "The following host key user ID will be revoked:\n %s\nAre you sure you would like to revoke this user ID? (Y/n) " "$userID" >&2
38 if [ "${OK/y/Y}" != 'Y' ] ; then
39 failure "User ID not revoked."
42 log debug "revoking user ID without prompting."
47 # the gpg secring might not contain the host key we are trying to
48 # revoke (let alone any selfsig over that host key), but the plain
49 # --export won't contain the secret key. "keytrans revokeuserid"
50 # needs access to both pieces, so we feed it both of them.
52 if (cat "$GNUPGHOME_HOST/secring.gpg" && gpg_host --export "$HOST_FINGERPRINT") | \
53 "$SYSSHAREDIR/keytrans" revokeuserid \
54 "$HOST_FINGERPRINT" "$userID" | gpg_host --import ; then
55 gpg_host --check-trustdb
62 echo "NOTE: User ID revoked, but revocation not published."
63 echo "Run '$PGRM publish-key' to publish the revocation."
65 failure "Problem revoking user ID."