X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere;h=ff4423ba11107365afb2343f46232baf35bf1b22;hb=07cb14cdb80ef060e63ba2713ef70b67db9f5783;hp=69741e1c10df0aa177b9b7f903c6ccba8ad14510;hpb=0c2c01095b4e3e707a08e9ff6ebe61f18689bcaa;p=monkeysphere.git diff --git a/src/monkeysphere b/src/monkeysphere index 69741e1..ff4423b 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -31,11 +31,12 @@ GREP_OPTIONS= usage() { cat < [args] -Monkeysphere client tool. +MonkeySphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file - update-userids (u) [USERID]... add/update userid + update-userids (u) [USERID]... add/update user IDs + remove-userids (r) [USERID]... remove user IDs update-authorized_keys (a) update authorized_keys file gen-ae-subkey (g) KEYID generate an 'ae' capable subkey help (h,?) this help @@ -117,7 +118,8 @@ MS_CONF=${MS_CONF:-"${MS_HOME}/monkeysphere.conf"} AUTHORIZED_USER_IDS=${AUTHORIZED_USER_IDS:-"${MS_HOME}/authorized_user_ids"} GNUPGHOME=${GNUPGHOME:-"${HOME}/.gnupg"} KEYSERVER=${KEYSERVER:-"subkeys.pgp.net"} -REQUIRED_KEY_CAPABILITY=${REQUIRED_KEY_CAPABILITY:-"e a"} +REQUIRED_HOST_KEY_CAPABILITY=${REQUIRED_HOST_KEY_CAPABILITY:-"e a"} +REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-"a"} USER_CONTROLLED_AUTHORIZED_KEYS=${USER_CONTROLLED_AUTHORIZED_KEYS:-"%h/.ssh/authorized_keys"} USER_KNOWN_HOSTS=${USER_KNOWN_HOSTS:-"${HOME}/.ssh/known_hosts"} HASH_KNOWN_HOSTS=${HASH_KNOWN_HOSTS:-"true"} @@ -136,6 +138,7 @@ mkdir -p -m 0700 "$GNUPGHOME" mkdir -p -m 0700 "$MS_HOME" mkdir -p "$hostKeysCacheDir" mkdir -p "$userKeysCacheDir" +touch "$AUTHORIZED_USER_IDS" case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') 
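Review bot: Splitting `REQUIRED_KEY_CAPABILITY` into two variables in the defaults block means a value already set under the old name is now ignored without any message, and user keys fall back to `"a"`, which presumably demands less of a key than the previous `"e a"`. Nothing in this hunk still honours the old name, so a site that had tightened the setting would lose it on upgrade. A fallback such as `REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-${REQUIRED_KEY_CAPABILITY:-"a"}}`, and the same for the host variable with `"e a"`, keeps the existing policy in force. A one-line comment on why user keys need only the authentication capability would also help the next reader.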
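Review bot: The added `touch "$AUTHORIZED_USER_IDS"` runs before the command dispatch and its exit status is not checked in the visible lines. If the path cannot be created, for example an overridden location whose directory is missing, the script carries on and the `-s` test in the following hunk reports "$AUTHORIZED_USER_IDS is empty." for a file that does not exist. Suggest `touch "$AUTHORIZED_USER_IDS" || failure "could not create $AUTHORIZED_USER_IDS."`. The file appears to decide which user IDs feed authorized_keys, so when the path lies outside the 0700 `$MS_HOME` it is worth creating it with an explicit mode rather than the caller's umask, e.g. `( umask 077 ; touch "$AUTHORIZED_USER_IDS" )`.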
@@ -163,12 +166,34 @@ case $COMMAND in fi ;; + 'update-userids'|'update-userid'|'u') + if [ -z "$1" ] ; then + failure "you must specify at least one userid." + fi + for userID ; do + update_userid "$userID" "$userKeysCacheDir" + done + log "run the following to update your monkeysphere authorized_keys file:" + log "$PGRM update-authorized_keys" + ;; + + 'remove-userids'|'remove-userid'|'r') + if [ -z "$1" ] ; then + failure "you must specify at least one userid." + fi + for userID ; do + remove_userid "$userID" + done + log "run the following to update your monkeysphere authorized_keys file:" + log "$PGRM update-authorized_keys" + ;; + 'update-authorized_keys'|'update-authorized-keys'|'a') MODE='authorized_keys' - # make sure authorized_user_ids file exists + # fail if the authorized_user_ids file is empty if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then - failure "authorized_user_ids file is empty or does not exist." + failure "$AUTHORIZED_USER_IDS is empty." fi # set user-controlled authorized_keys file path @@ -178,15 +203,6 @@ case $COMMAND in update_authorized_keys "$msAuthorizedKeys" "$userAuthorizedKeys" "$userKeysCacheDir" ;; - 'update-userids'|'u') - if [ -z "$1" ] ; then - failure "you must specify at least one userid." - fi - for userID ; do - update_userid "$userID" "$userKeysCacheDir" - done - ;; - 'gen-ae-subkey'|'g') keyID="$1" if [ -z "$keyID" ] ; then @@ -201,6 +217,6 @@ case $COMMAND in *) failure "Unknown command: '$COMMAND' -Type 'cereal-admin help' for usage." +Type '$PGRM help' for usage." ;; esac
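Review bot: Both new arms, `update-userids` and `remove-userids`, validate only `"$1"`, so an empty string in a later position is still passed to `update_userid` or `remove_userid`. How those functions treat an empty ID is outside this hunk; for the removal path in particular, confirm that an empty or partial ID cannot match more entries of the authorized user ID file than intended. Checking inside the loop closes the gap: `[ -n "$userID" ] || failure "empty userid given."` as the first statement of each `for userID ; do` body. A short comment above each arm noting that it does not itself regenerate authorized_keys would explain the trailing `log` hint.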