# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
-# Copyright 2008, released under the GPL, version 3 or later
+# Copyright 2008-2009, released under the GPL, version 3 or later
# all-caps variables are meant to be user supplied (ie. from config
# file) and are considered global
export SYSCONFIGDIR
# monkeysphere version
-VERSION=__VERSION__
+VERSION=0.23~pre
########################################################################
### UTILITY FUNCTIONS
# write output to stderr based on specified LOG_LEVEL the first
# parameter is the priority of the output, and everything else is what
-# is echoed to stderr
+# is echoed to stderr. If there is nothing else, then output comes
+# from stdin, and is not prefaced by log prefix.
log() {
local priority
local level
output=true
fi
if [ "$priority" = "$level" -a "$output" = 'true' ] ; then
- echo -n "ms: " >&2
- echo "$@" >&2
+ if [ "$1" ] ; then
+ echo -n "ms: " >&2
+ echo "$@" >&2
+ else
+ cat >&2
+ fi
fi
done
}
+# run command as monkeysphere user
+su_monkeysphere_user() {
+ # our main goal here is to run the given command as the the
+ # monkeysphere user, but without prompting for any sort of
+ # authentication. If this is not possible, we should just fail.
+
+ # FIXME: our current implementation is overly restrictive, because
+ # there may be some su PAM configurations that would allow su
+ # "$MONKEYSPHERE_USER" -c "$@" to Just Work without prompting,
+ # allowing specific users to invoke commands which make use of
+ # this user.
+
+ # chpst (from runit) would be nice to use, but we don't want to
+ # introduce an extra dependency just for this. This may be a
+ # candidate for re-factoring if we switch implementation languages.
+
+ case $(id -un) in
+ # if monkeysphere user, run the command under bash
+ "$MONKEYSPHERE_USER")
+ bash -c "$@"
+ ;;
+
+ # if root, su command as monkeysphere user
+ 'root')
+ su "$MONKEYSPHERE_USER" -c "$@"
+ ;;
+
+ # otherwise, fail
+ *)
+ log error "non-privileged user."
+ ;;
+ esac
+}
+
# cut out all comments(#) and blank lines from standard input
meat() {
grep -v -e "^[[:space:]]*#" -e '^$' "$1"
head --line="$1" "$2" | tail -1
}
+# make a temporary directly
+msmktempdir() {
+ mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX
+}
+
# this is a wrapper for doing lock functions.
#
# it lets us depend on either lockfile-progs (preferred) or procmail's
else
lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'"
fi
+ log debug "lock created on '$file'."
;;
touch)
if [ -n "$use_lockfileprogs" ] ; then
else
: Nothing to do here
fi
+ log debug "lock touched on '$file'."
;;
remove)
if [ -n "$use_lockfileprogs" ] ; then
else
rm -f "${file}.lock"
fi
+ log debug "lock removed on '$file'."
;;
*)
failure "bad argument for lock subfunction '$action'"
uname="$1"
path="$2"
+ log debug "checking path permission '$path'..."
+
# return 255 if cannot stat file
if ! stat=$(ls -ld "$path" 2>/dev/null) ; then
log error "could not stat path '$path'."
# remove the lockfile and the trap
lock remove "$AUTHORIZED_KEYS"
+
+ # remove the trap
trap - EXIT
# note if the authorized_keys file was updated
update_authorized_keys "${userIDs[@]}"
}
+
+# takes a gpg key or keys on stdin, and outputs a list of
+# fingerprints, one per line:
+list_primary_fingerprints() {
+ local file="$1"
+ local fake=$(msmktempdir)
+ GNUPGHOME="$fake" gpg --no-tty --quiet --import
+ GNUPGHOME="$fake" gpg --with-colons --fingerprint --list-keys | \
+ awk -F: '/^fpr:/{ print $10 }'
+ rm -rf "$fake"
+}