########################################################################
PGRM=$(basename $0)
-SHARE=${MONKEYSPHERE_SHARE:="/usr/share/monkeysphere"}
+SHARE=${MONKEYSPHERE_SHARE:-"/usr/share/monkeysphere"}
export SHARE
. "${SHARE}/common" || exit 1
-VARLIB="/var/lib/monkeysphere"
-export VARLIB
+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"
+export SYSDATADIR
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
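Review bot: The added `SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"` line is missing its closing brace, so the shell keeps reading the following lines as part of the default value until it meets a `}`. `export SYSDATADIR` and the lines after it are then not executed as written. The line should read `SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}`. Separately, `SHARE` and `SYSDATADIR` are both taken from the environment and `${SHARE}/common` is sourced, so if this script runs with privilege it is worth a comment such as `# MONKEYSPHERE_SHARE is sourced as code; only set it from a trusted environment`.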
}
su_monkeysphere_user() {
- su -m "$MONKEYSPHERE_USER" -c "$@"
+ su "$MONKEYSPHERE_USER" -c "$@"
}
# function to interact with the host gnupg keyring
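Review bot: With `-m` dropped in `su "$MONKEYSPHERE_USER" -c "$@"`, the command string is presumably now interpreted by the shell recorded for the monkeysphere account rather than the caller's shell, and nothing in `su_monkeysphere_user` documents or checks that dependency. An account whose shell is not a working Bourne-style shell would make every call here fail. `-c` also takes only the first word of `"$@"` as the command, with any further words handed on as extra arguments, so callers need to pass the whole command as one quoted string. I would add a header comment saying so, for example `# run "$1" as $MONKEYSPHERE_USER via that user's login shell; pass the command as a single quoted string`.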
warndate=$(advance_date $warnwindow +%s)
if ! id monkeysphere >/dev/null ; then
- echo "! No monkeysphere user found! Please create a monkeysphere system user."
+ echo "! No monkeysphere user found! Please create a monkeysphere system user with bash as its shell."
problemsfound=$(($problemsfound+1))
fi
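Review bot: The new message at the `id monkeysphere` check asks for bash as the account's shell, but the check only tests that the account exists, so a monkeysphere user with a different or disabled shell passes the diagnostic cleanly. A second test on the shell field, for example comparing the output of `getent passwd monkeysphere | cut -d: -f7` against a bash path, would let the diagnostic report what the message requires. The user name is also hard-coded here while `su_monkeysphere_user` uses `$MONKEYSPHERE_USER`; if that variable can differ from `monkeysphere`, this tests the wrong account. The enclosing function starts and ends outside the hunk.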
# FIXME: make sure that at least one identity certifier exists
+# FIXME: look at the timestamps on the monkeysphere-generated
+# authorized_keys files -- warn if they seem out-of-date.
+
echo
echo "Checking for MonkeySphere-enabled public-key authentication for users ..."
# Ensure that User ID authentication is enabled:
unset MONKEYSPHERE_USER
# load configuration file
-[ -e ${MONKEYSPHERE_SERVER_CONFIG:="${ETC}/monkeysphere-server.conf"} ] && . "$MONKEYSPHERE_SERVER_CONFIG"
+[ -e ${MONKEYSPHERE_SERVER_CONFIG:="${SYSCONFIGDIR}/monkeysphere-server.conf"} ] && . "$MONKEYSPHERE_SERVER_CONFIG"
# set empty config variable with ones from the environment, or with
# defaults