X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=monkeysphere.conf;h=640120382d75d1cbee31882b49562a6328f7331b;hb=d89dfcbf8f15e50f807a1aa133e967ff06cb37fb;hp=1a6cff19597873aa4753bfe8eb31368618ac1504;hpb=b6ffd187f988196f6295b23da82dc13c3aff239b;p=monkeysphere.git
diff --git a/monkeysphere.conf b/monkeysphere.conf
index 1a6cff1..6401203 100644
--- a/monkeysphere.conf
+++ b/monkeysphere.conf
@@ -1,26 +1,30 @@
-# monkeysphere configuration file
-# this is currently meant to be sourced by bash.
+# monkeysphere system configuration file
 
-# configuration directory
-CONF_DIR=/etc/monkeysphere
+# This is particular configuration is meant to be sourced by the
+# rhesus shell script when run in administrative mode to maintain
+# authorized_keys files for users.
 
-# where the per-user authorized user id files are stored
-AUTH_USER_IDS_DIR="$CONF_DIR"/auth_user_ids
+AUTHORIZED_USER_IDS=/etc/monkeysphere/authorized_user_ids/"$USER"
 
-# where the per-user authorized_keys info is stored
-#AUTH_KEYS_DIR=/var/lib/monkeysphere/authorized_keys
-AUTH_KEYS_DIR="$CONF_DIR"/authorized_keys
+STAGING_AREA=/var/lib/monkeysphere/stage/"$USER"
 
 # gpg home directory for server
-GNUPGHOME="$CONF_DIR"/gnupg
+GNUPGHOME=/etc/monkeysphere/gnupg
 
 # gpg keyserver to search for keys
 KEYSERVER=subkeys.pgp.net
 
-# acceptable key capabilities for user keys
-# can be any combination of:
+# required capabilities of keys
+# must be quoted, lowercase, space-seperated list of the following:
 # e = encrypt
 # s = sign
 # c = certify
 # a = authentication
-REQUIRED_KEY_CAPABILITY='sca'
+REQUIRED_KEY_CAPABILITY="e a"
+
+# Path to user-controlled authorized_keys file to add to
+# Monkeysphere-generated authorized_keys file. If empty, then no
+# user-controlled file will be added. To specify the user's home
+# directory, use the string "~${USER}"
+USER_CONTROLLED_AUTHORIZED_KEYS="~${USER}/.ssh/authorized_keys"
+
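Review bot: `AUTHORIZED_USER_IDS` and `STAGING_AREA` expand `"$USER"` at the moment the file is sourced, so if the administrative caller has not set it for the target user (or it is empty) both paths collapse to the shared parent directories `/etc/monkeysphere/authorized_user_ids/` and `/var/lib/monkeysphere/stage/`; writing `"${USER:?}"` in both assignments would make the sourcing script stop instead. In `USER_CONTROLLED_AUTHORIZED_KEYS` the tilde sits inside double quotes and is therefore stored literally, so the comment should state that the consuming script resolves `~user` itself, and that resolution is better done by looking up the home directory than by passing the string through `eval`. The comment above `REQUIRED_KEY_CAPABILITY="e a"` does not say whether a key must carry all listed capabilities or any one of them. For keys that end up in an authorized_keys file I would expect `REQUIRED_KEY_CAPABILITY="a"`, because under an any-of reading an encryption-only key would qualify, and under an all-of reading authentication-only subkeys would be rejected.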