-host_keys_dir="$STAGING_AREA"/host_keys
-user_keys_dir="$STAGING_AREA"/user_keys
-known_hosts_stage_file="$STAGING_AREA"/known_hosts
-authorized_keys_stage_file="$STAGING_AREA"/authorized_keys
-
-# act on mode
-if [ "$mode" = '--known_hosts' -o "$mode" = '-k' ] ; then
-
- # set variables for process_keys command
- ids_file="$AUTH_HOST_FILE"
- log -n "[$USER] "
- if [ ! -s "$ids_file" ] ; then
- echo "auth_host_ids file is empty or does not exist."
- exit
- else
- echo "updating known_hosts file..."
- fi
- key_dir="$host_keys_dir"
-
- # process the keys
- process_keys
-
- # write known_hosts file
- > "$known_hosts_stage_file"
- if [ $(ls "$key_dir") ] ; then
- log -n "writing known_hosts stage file..."
- cat "$key_dir"/* > "$known_hosts_stage_file"
- echo "done."
- else
- log "no gpg keys to add to known_hosts file."
- fi
- if [ -s "$HOME"/.ssh/known_hosts ] ; then
- log -n "adding user known_hosts file... "
- cat "$HOME"/.ssh/known_hosts >> "$known_hosts_stage_file"
- echo "done."
- fi
- log "known_hosts file updated: $known_hosts_stage_file"
-
-elif [ "$mode" = '--authorized_keys' -o "$mode" = '-a' ] ; then
-
- # set variables for process_keys command
- ids_file="$AUTH_USER_FILE"
- log -n "[$USER] "
- if [ ! -s "$ids_file" ] ; then
- echo "auth_user_ids file is empty or does not exist."
- exit
- else
- echo "updating authorized_keys file:"
- fi
- key_dir="$user_keys_dir"
-
- # process the keys
- process_keys
-
- # write authorized_keys file
- > "$authorized_keys_stage_file"
- if [ $(ls "$key_dir") ] ; then
- log -n "writing ms authorized_keys file... "
- cat "$key_dir"/* > "$authorized_keys_stage_file"
- echo "done."
- else
- log "no gpg keys to add to authorized_keys file."
- fi
- if [ -s "$HOME"/.ssh/authorized_keys ] ; then
- log -n "adding user authorized_keys file... "
- cat "$HOME"/.ssh/authorized_keys >> "$authorized_keys_stage_file"
- echo "done."
- fi
- log "authorized_keys file updated: $authorized_keys_stage_file"
+# stagging locations
+hostKeysCacheDir="$STAGING_AREA"/host_keys
+userKeysCacheDir="$STAGING_AREA"/user_keys
+msKnownHosts="$STAGING_AREA"/known_hosts
+msAuthorizedKeys="$STAGING_AREA"/authorized_keys
+
+# set mode variables
+if [ "$mode" = 'known_hosts' -o "$mode" = 'k' ] ; then
+ fileType=known_hosts
+ authFileType=auth_host_ids
+ authIDsFile="$AUTH_HOST_FILE"
+ outFile="$msKnownHosts"
+ cacheDir="$hostKeysCacheDir"
+ userFile="$USER_KNOWN_HOSTS"
+elif [ "$mode" = 'authorized_keys' -o "$mode" = 'a' ] ; then
+ fileType=authorized_keys
+ authFileType=auth_user_ids
+ authIDsFile="$AUTH_USER_FILE"
+ outFile="$msAuthorizedKeys"
+ cacheDir="$userKeysCacheDir"
+ userFile="$USER_AUTHORIZED_KEYS"
+else
+ failure "unknown command '$mode'."
+fi
+
+# check auth ids file
+if [ ! -s "$authIDsFile" ] ; then
+ echo "'$authFileType' file is empty or does not exist."
+ exit
+fi
+
+log "user '$USER': monkeysphere $fileType generation"
+
+# make sure gpg home exists with proper permissions
+mkdir -p -m 0700 "$GNUPGHOME"
+
+# if users are specified on the command line, process just
+# those users
+if [ "$1" ] ; then
+ # process userids given on the command line
+ for userID ; do
+ if ! grep -q "$userID" "$authIDsFile" ; then
+ log "userid '$userID' not in $authFileType file."
+ continue
+ fi
+ log "processing user id: '$userID'"
+ process_user_id "$userID" "$cacheDir"
+ done
+# otherwise if no users are specified, process the entire
+# auth_*_ids file
+else
+ # process the auth file
+ process_auth_file "$authIDsFile" "$cacheDir"
+fi
+
+# write output key file
+log "writing ms $fileType file... "
+> "$outFile"
+if [ "$(ls "$cacheDir")" ] ; then
+ log -n "adding gpg keys... "
+ cat "$cacheDir"/* > "$outFile"
+ echo "done."
+else
+ log "no gpg keys to add."
+fi
+if [ -s "$userFile" ] ; then
+ log -n "adding user $fileType file... "
+ cat "$userFile" >> "$outFile"
+ echo "done."