X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere-authentication;h=a33de1e56b41e0b3a302a68a0644a81ae8a5ba00;hb=9a92104113158b39de7c8b42bf883b3fd46ed006;hp=4485bd4ffcdfcbbd92fd8152badaea6fd3071686;hpb=10c741dac082844fbf9a2fbbfc4322f718c2abea;p=monkeysphere.git
diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication
index 4485bd4..a33de1e 100755
--- a/src/monkeysphere-authentication
+++ b/src/monkeysphere-authentication
@@ -70,35 +70,17 @@ subcommands:
 EOF
 }
 
-# function to run command as monkeysphere user
-su_monkeysphere_user() {
- # if the current user is the monkeysphere user, then just eval
- # command
- if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then
- eval "$@"
-
- # otherwise su command as monkeysphere user
- else
- su "$MONKEYSPHERE_USER" -c "$@"
- fi
-}
-
 # function to interact with the gpg core keyring
 gpg_core() {
 GNUPGHOME="$GNUPGHOME_CORE"
 export GNUPGHOME
 
- # NOTE: we supress this warning because we need the monkeysphere
- # user to be able to read the host pubring. we realize this might
- # be problematic, but it's the simplest solution, without too much
- # loss of security.
 gpg "$@"
 }
 
 # function to interact with the gpg sphere keyring
-# FIXME: this function requires basically accepts only a single
-# argument because of problems with quote expansion. this needs to be
-# fixed/improved.
+# FIXME: this function requires only a single argument because of
+# problems with quote expansion. this needs to be fixed/improved.
 gpg_sphere() {
 GNUPGHOME="$GNUPGHOME_SPHERE"
 export GNUPGHOME
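Review bot: The reworded FIXME above gpg_sphere still hides the actual hazard, which is that the function's arguments are joined into a string (`su_monkeysphere_user "gpg $@"`, visible in the next hunk) and parsed a second time by a shell. If the relocated su_monkeysphere_user keeps the `eval` / `su -c` form removed here (it is presumably defined in a shared file now, since gpg_sphere still calls it), an argument containing whitespace or shell metacharacters is split or interpreted rather than passed to gpg literally. I would state that in the comment, e.g. `# FIXME: arguments are passed as a string that a shell parses again (eval / su -c), so only one argument survives and it must not contain whitespace or shell metacharacters.` gpg_sphere's body ends outside this hunk.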
@@ -106,8 +88,18 @@ gpg_sphere() {
 su_monkeysphere_user "gpg $@"
 }
 
+# load the core fingerprint into the fingerprint variable, using the
+# gpg host secret key
+core_fingerprint() {
+ log debug "determining core key fingerprint..."
+ gpg_core --quiet --list-secret-key \
+ --with-colons --fixed-list-mode --with-fingerprint \
+ | grep ^fpr: | cut -d: -f10
+}
+
 # export signatures from core to sphere
 gpg_core_sphere_sig_transfer() {
+ log debug "exporting core local sigs to sphere..."
 gpg_core --export-options export-local-sigs --export | \
 gpg_sphere --import-options import-local-sigs --import
 }
@@ -184,7 +176,7 @@ case $COMMAND in
 list_certifiers "$@"
 ;;
 
- 'expert'|'e')
+ 'expert')
 SUBCOMMAND="$1"
 shift
 case "$SUBCOMMAND" in
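Review bot: core_fingerprint (second hunk) returns whatever `fpr:` records gpg prints, so a caller gets an empty string when gpg fails and several lines when the core keyring holds more than one secret key, while the pipeline's exit status is that of `cut` and never reports the failure. A value that is later used to identify or certify with the host key should be exactly one fingerprint or an error, so I would capture the output and return non-zero otherwise, as sketched below. The header comment also says the value is loaded "into the fingerprint variable" although the function only writes to stdout. This assumes `log debug` writes to stderr; if it writes to stdout, the debug text ends up in the captured value.

```shell
# print the core key fingerprint on stdout, using the gpg host secret key;
# fails unless gpg reports exactly one fingerprint
core_fingerprint() {
    local fpr
    log debug "determining core key fingerprint..."
    fpr=$(gpg_core --quiet --list-secret-key \
        --with-colons --fixed-list-mode --with-fingerprint \
        | grep '^fpr:' | cut -d: -f10)
    # an empty or multi-line result means gpg failed or the keyring is ambiguous
    [ "$(printf '%s\n' "$fpr" | grep -c .)" -eq 1 ] || return 1
    printf '%s\n' "$fpr"
}
```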