fix permissions and ownership on authentication directories.
diff --git
a/src/share/ma/setup
b/src/share/ma/setup
index 248406fa2ee11fefc58b529fdd6e9f526a965ea8..1685e5da797613a0151c2e5f8729ef071ce1a3e4 100644
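--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -13,13 +13,17 @@
 setup() {
 # make all needed directories
+ log debug "make authentication directory structure..."
 mkdir -p "${MADATADIR}"
+ chmod 750 "${MADATADIR}"
+ chgrp "$MONKEYSPHERE_USER" "${MADATADIR}"
 mkdir -p "${MATMPDIR}"
+ chmod 750 "${MATMPDIR}"
+ chgrp "$MONKEYSPHERE_USER" "${MATMPDIR}"
 mkdir -p "${GNUPGHOME_CORE}"
 chmod 700 "${GNUPGHOME_CORE}"
 mkdir -p "${GNUPGHOME_SPHERE}"
 chmod 700 "${GNUPGHOME_SPHERE}"
- mkdir -p "${SYSDATADIR}"/authorized_keys
 # deliberately replace the config files via truncation
 # FIXME: should we be dumping to tmp files and then moving atomically?
@@ -29,7 +33,6 @@ setup() {
 # This file is maintained by the Monkeysphere software.
 # Edits will be overwritten.
 no-greeting
-list-options show-uid-validity
 EOF
 log debug "writing sphere gpg.conf..."
@@ -43,9 +46,8 @@ EOF
 # make sure the monkeysphere user owns everything in the sphere
 # gnupghome
- log debuf "fixing sphere gnupg home ownership..."
- chown -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
- chgrp -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
+ log debug "fixing sphere gnupg home ownership..."
+ chown "$MONKEYSPHERE_USER:$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}" "${GNUPGHOME_SPHERE}"/gpg.conf
 # get fingerprint of core key. this should be empty on unconfigured systems.
 local CORE_FPR=$(core_fingerprint)
@@ -80,7 +82,7 @@ EOF
 # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
 log debug "setting ultimate owner trust on core key in gpg_sphere..."
 printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust"
- gpg_sphere "--export-ownertrust"
+ gpg_sphere "--export-ownertrust" 2>&1 | log debug
 # check the owner trust
 log debug "checking gpg_sphere owner trust set properly..."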
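Review bot: The new `chown` in the hunk at -43,9 +46,8 covers only `"${GNUPGHOME_SPHERE}"` and its `gpg.conf`, while the comment above it still says the monkeysphere user owns everything in the sphere gnupghome; files an earlier run created there under another owner are no longer corrected. Reword the comment to match, for example `# the monkeysphere user owns the sphere gnupghome and its gpg.conf; other files there are not touched`. Since the directory belongs to `$MONKEYSPHERE_USER`, the truncating rewrite of gpg.conf that setup() performs (presumably as root, given the chown) goes through a path a less-privileged account controls, so doing that write as the monkeysphere user is the safer arrangement. None of the added `chmod`/`chgrp`/`chown` calls has its exit status checked, and `chgrp "$MONKEYSPHERE_USER"` in the first hunk assumes a group named after the user exists; setup() should stop when one of them fails. The body of setup() continues past the last hunk.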