add some log debug redirects

[monkeysphere.git] / src / share / ma / setup

diff --git a/src/share/ma/setup b/src/share/ma/setup
index f989db6e41c326bf74f189140a7effa1ed94c28f..441df2808b920a061aeb5774051e5e39f24b4821 100644 (file)
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -19,7 +19,7 @@ setup() {
     chmod 700 "${GNUPGHOME_CORE}"
     mkdir -p "${GNUPGHOME_SPHERE}"
     chmod 700 "${GNUPGHOME_SPHERE}"
-    mkdir -p "${MADATADIR}"/authorized_keys
+    mkdir -p "${SYSDATADIR}"/authorized_keys
 
     # deliberately replace the config files via truncation
     # FIXME: should we be dumping to tmp files and then moving atomically?
@@ -70,37 +70,39 @@ EOF
        fi
        
     else 
-       log verbose "This system has already set up the Monkeysphere authentication trust core."
+       log verbose "Monkeysphere authentication trust core already exists."
     fi
 
     # export the core key to the sphere keyring
     log debug "exporting core pub key to sphere keyring..."
-    gpg_core --export | gpg_sphere --import
+    gpg_core --export | gpg_sphere "--import"
 
     # ensure that the authentication sphere checker has absolute ownertrust on the expected key.
     log debug "setting ultimate owner trust on core key in gpg_sphere..."
-    printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust
-    gpg_sphere --export-ownertrust | log debug
+    printf "%s:6:\n" "$CORE_FPR" | gpg_sphere "--import-ownertrust"
+    gpg_sphere "--export-ownertrust" 2>&1 | log debug
 
     # check the owner trust
     log debug "checking gpg_sphere owner trust set properly..."
     local ORIG_TRUST
-    if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then
+    if ORIG_TRUST=$(gpg_sphere "--export-ownertrust" | grep '^[^#]') ; then
        if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
            failure "Monkeysphere authentication trust sphere should explicitly trust the core.  It does not have proper ownertrust settings."
        fi
     else
        failure "Could not get monkeysphere-authentication trust guidelines."
+       # FIXME: what does this mean?  should we suggest how to fix?
     fi
 
     # ensure that we're using the extended trust model (1), and that
     # our preferences are reasonable (i.e. 3 marginal OR 1 fully
     # trusted certifications are sufficient to grant full validity.
     log debug "checking trust model for authentication ..."
-    local TRUST_LEVEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \
+    local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \
        | head -n1 | grep "^tru:" | cut -d: -f3,6,7)
     log debug "sphere trust model: $TRUST_MODEL"
     if [ "$TRUST_MODEL" != '1:3:1' ] ; then
        failure "monkeysphere-authentication does not have the expected trust model settings."
+       # FIXME: what does this mean?  should we suggest how to fix?
     fi
 }