explicitly set MONKEYSPHERE_GROUP
[monkeysphere.git] / src / share / mh / publish_key
index 988b4503ed18113fbb81ba6a9a9542d842ac842b..ab1b2dc055d3dfbafc01b5dd6d4ec2ef4e2f795e 100644 (file)
 
 publish_key() {
 
-read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
-    failure "key not published."
+local GNUPGHOME
+
+if [ "$PROMPT" = "true" ] ; then
+    read -p "Really publish host key to $KEYSERVER? (Y/n) " OK; OK=${OK:=Y}
+    if [ "${OK/y/Y}" != 'Y' ] ; then
+       failure "key not published."
+    fi
+else
+    log debug "publishing key without prompting."
 fi
 
-# find the key fingerprint
-fingerprint=$(fingerprint_host_key)
+# create a temporary gnupg directory from which to publish the key
+export GNUPGHOME=$(msmktempdir)
+chmod 0700 "$GNUPGHOME"
+chown "$MONKEYSPHERE_USER":"$MONKEYSPHERE_GROUP" "$GNUPGHOME"
+
+# trap to remove tmp dir if break
+trap "rm -rf $GNUPGHOME" EXIT
+
+# import the host key into the tmp dir
+su_monkeysphere_user \
+    "gpg --quiet --import" <"$HOST_KEY_FILE"
 
 # publish host key
-# FIXME: need to define how to do this
-#gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'"
-echo "not published!!!"
+su_monkeysphere_user \
+    "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+
+# remove the tmp file
+trap - EXIT
+rm -rf "$GNUPGHOME"
 
 }
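Review bot: The temporary keyring setup at `export GNUPGHOME=$(msmktempdir)` never checks that the directory was actually created, and the following `trap "rm -rf $GNUPGHOME" EXIT` expands the path unquoted at the moment the trap is set. If msmktempdir fails, GNUPGHOME is exported empty (the `export` hides the failing status), the chmod/chown fail, and gpg will presumably fall back to the monkeysphere user's default keyring for both the import and the send. I would split the assignment into `GNUPGHOME=$(msmktempdir) || failure "could not create temporary directory."` followed by `export GNUPGHOME`, and write the trap as `trap 'rm -rf -- "$GNUPGHOME"' EXIT` so the path is quoted when the cleanup runs. Separately, `$KEYSERVER` is pasted into the command string handed to su_monkeysphere_user, which is defined outside this page; if that helper runs the string through a shell, the value should be validated or quoted before it gets there.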