fix some authorized_keys updating bugs in ms-server, and update to use
[monkeysphere.git] / src / monkeysphere-server
index 40a6b5481cd3156372aa29d9d4348ec96cf9da03..db2f428e5a9377caa2628ee7966ec2bb03b8a7ab 100755 (executable)
@@ -21,6 +21,9 @@ DATE=$(date -u '+%FT%T')
 # unset some environment variables that could screw things up
 GREP_OPTIONS=
 
+# default return code
+ERR=0
+
 ########################################################################
 # FUNCTIONS
 ########################################################################
@@ -31,11 +34,11 @@ usage: $PGRM <subcommand> [args]
 MonkeySphere server admin tool.
 
 subcommands:
-  update-users (s) [USER]...            update users authorized_keys files
+  update-users (u) [USER]...            update users authorized_keys files
   gen-key (g) [HOSTNAME]                generate gpg key for the server
   show-fingerprint (f)                  show server's host key fingerprint
-  publish-key (p)                       publish server key to keyserver
-  trust-keys (t) KEYID...               mark keyids as trusted
+  publish-key (p)                       publish server's host key to keyserver
+  trust-key (t) KEYID [LEVEL]           set owner trust for keyid
   help (h,?)                            this help
 
 EOF
@@ -168,7 +171,7 @@ mkdir -p -m 0700 "$GNUPGHOME"
 mkdir -p "${CACHE}/authorized_keys"
 
 case $COMMAND in
-    'update-users'|'update-user'|'s')
+    'update-users'|'update-user'|'u')
        if [ "$1" ] ; then
            # get users from command line
            unames="$@"
@@ -187,44 +190,49 @@ case $COMMAND in
                continue
            fi
 
-           # set authorized_user_ids variable,
-           # translate ssh-style path variables
-           authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
-
-           # skip user if authorized_user_ids file does not exist
-           if [ ! -f "$authorizedUserIDs" ] ; then
-               continue
-           fi
-
            log "----- user: $uname -----"
 
+           # set authorized_user_ids variable, translating ssh-style
+           # path variables
+           authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
+
            # temporary authorized_keys file
            AUTHORIZED_KEYS=$(mktemp)
 
-           # skip if the user's authorized_user_ids file is empty
-           if [ ! -s "$authorizedUserIDs" ] ; then
-               log "authorized_user_ids file '$authorizedUserIDs' is empty."
-               continue
-           fi
-
            # process authorized_user_ids file
-           log "processing authorized_user_ids file..."
-           process_authorized_user_ids "$authorizedUserIDs"
+           if [ -s "$authorizedUserIDs" ] ; then
+               log "processing authorized_user_ids file..."
+               process_authorized_user_ids "$authorizedUserIDs"
+           fi
 
            # add user-controlled authorized_keys file path if specified
            if [ "$USER_CONTROLLED_AUTHORIZED_KEYS" != '-' ] ; then
                userAuthorizedKeys=$(translate_ssh_variables "$uname" "$USER_CONTROLLED_AUTHORIZED_KEYS")
-               if [ -f "$userAuthorizedKeys" ] ; then
+               if [ -s "$userAuthorizedKeys" ] ; then
                    log -n "adding user's authorized_keys file... "
                    cat "$userAuthorizedKeys" >> "$AUTHORIZED_KEYS"
                    loge "done."
                fi
            fi
 
-           # move the temp authorized_keys file into place
-           mv -f "$AUTHORIZED_KEYS" "${CACHE}/authorized_keys/${uname}"
+           # if the resulting authorized_keys file is not empty
+           if [ -s "$AUTHORIZED_KEYS" ] ; then
+               # openssh appears to check the contents of the
+                # authorized_keys file as the user in question, so the
+                # file must be readable by that user at least.
+               # FIXME: is there a better way to do this?
+               chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS"
+               chmod g+r "$AUTHORIZED_KEYS"
+
+               # move the temp authorized_keys file into place
+               mv -f "$AUTHORIZED_KEYS" "${CACHE}/authorized_keys/${uname}"
+
+               log "authorized_keys file updated."
 
-           log "authorized_keys file updated."
+           # else destroy it
+           else
+               rm -f "$AUTHORIZED_KEYS"
+           fi
        done
        ;;
 
@@ -240,15 +248,8 @@ case $COMMAND in
        publish_server_key
        ;;
 
-    'trust-keys'|'trust-key'|'t')
-       if [ -z "$1" ] ; then
-           failure "You must specify at least one key to trust."
-       fi
-
-       # process key IDs
-       for keyID ; do
-           trust_key "$keyID"
-       done
+    'trust-key'|'trust-key'|'t')
+       trust_key "$@"
        ;;
 
     'help'|'h'|'?')