X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=8ddfe7fdc93513d5552c93f40407206777f85825;hb=4d54f1d8b9a3d9ee4e6bd0b0d9fdccb99e6a6245;hp=3f127e6f1c0f7dd49a2c08517814350d992ee602;hpb=5eab2f06d17f8a178c6fe61a7bf9fcba349e7680;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index 3f127e6..8ddfe7f 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -32,7 +32,7 @@ umask 077 ######################################################################## usage() { -cat < [options] [args] MonkeySphere client tool. @@ -89,9 +89,22 @@ gen_subkey(){ esac done - keyID="$1" + if [ -z "$1" ] ; then + # find all secret keys + keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d:) + # if multiple sec keys exist, fail + if (( $(echo "$keyID" | wc -l) > 1 )) ; then + echo "Multiple secret keys found:" + echo "$keyID" + failure "Please specify which primary key to use." + fi + else + keyID="$1" + fi if [ -z "$keyID" ] ; then - failure "You must specify the key ID of your primary key." + failure "You have no secret key available. You should create an OpenPGP +key before joining the monkeysphere. You can do this with: + gpg --gen-key" fi # get key output, and fail if not found @@ -203,8 +216,9 @@ case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') MODE='known_hosts' + # check permissions on the known_hosts file path if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then - failure "Improper permissions on known_hosts file." + failure "Improper permissions on known_hosts file path." fi # if hosts are specified on the command line, process just @@ -216,8 +230,10 @@ case $COMMAND in # otherwise, if no hosts are specified, process every host # in the user's known_hosts file else + # exit if the known_hosts file does not exist if [ ! -e "$KNOWN_HOSTS" ] ; then - failure "known_hosts file '$KNOWN_HOSTS' does not exist." + log "known_hosts file '$KNOWN_HOSTS' does not exist." + exit fi process_known_hosts @@ -228,13 +244,20 @@ case $COMMAND in 'update-authorized_keys'|'update-authorized-keys'|'a') MODE='authorized_keys' - # fail if the authorized_user_ids file is empty - if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then - failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." + # check permissions on the authorized_user_ids file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then + failure "Improper permissions on authorized_user_ids file path." fi - if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then - failure "Improper permissions on authorized_user_ids file." + # check permissions on the authorized_keys file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then + failure "Improper permissions on authorized_keys file path." + fi + + # exit if the authorized_user_ids file is empty + if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then + log "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." + exit fi # process authorized_user_ids file