Start changes to move gpg.conf files into /etc/monkeysphere.
authorJameson Graef Rollins <jrollins@phys.columbia.edu>
Mon, 15 Sep 2008 18:36:27 +0000 (11:36 -0700)
committerJameson Graef Rollins <jrollins@phys.columbia.edu>
Mon, 15 Sep 2008 18:36:27 +0000 (11:36 -0700)
debian/monkeysphere.postinst
etc/gnupg-authentication.conf [new file with mode: 0644]
etc/gnupg-host.conf [new file with mode: 0644]
etc/monkeysphere-server.conf
man/man8/monkeysphere-server.8

index 981c9dfb23d3ef0171f2f327a37f9d29ca644bc5..bd3062fa5742057638d375710630e528a6b76dea 100755 (executable)
@@ -5,6 +5,7 @@
 # Author: Jameson Rollins <jrollins@fifthhorseman.net>
 # Copyright 2008
 
+ETC="/etc/monkeysphere"
 VARLIB="/var/lib/monkeysphere"
 
 if ! getent passwd monkeysphere >/dev/null ; then
@@ -18,17 +19,10 @@ fi
 
 # install host gnupg home directory
 install --owner root --group monkeysphere --mode 750 -d "$VARLIB"/gnupg-host
-# install host gpg.conf
-cat <<EOF > "$VARLIB"/gnupg-host/gpg.conf
-list-options show-uid-validity
-EOF
+# link in the gpg.conf
+ln -s "$ETC"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf
 
 # install authentication gnupg home directory
 install --owner monkeysphere --group monkeysphere --mode 700 -d "$VARLIB"/gnupg-authentication
-# install authentication gpg.conf
-cat <<EOF > "$VARLIB"/gnupg-authentication/gpg.conf
-list-options show-uid-validity
-primary-keyring $VARLIB/gnupg-authentication/pubring.gpg
-keyring $VARLIB/gnupg-host/pubring.gpg
-EOF
-chown monkeysphere:monkeysphere "$VARLIB"/gnupg-authentication/gpg.conf
+# link in the gpg.conf
+ln -s "$ETC"/gnupg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf
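Review bot: Both `ln -s` calls fail with "File exists" whenever this postinst runs on a system that already has a `gpg.conf` in place, which covers every upgrade from a version that wrote the file with the removed heredoc and every re-run of the script. The old regular file then stays in effect and the new /etc/monkeysphere configuration is never read; if the script runs under `set -e` (not visible in this hunk), the package configuration step aborts as well. Using `ln -sf "$ETC"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf`, and the same for the authentication link, makes the step repeatable. Also note that gnupg-authentication is owned by the monkeysphere user with mode 700, so that user can still replace the link; moving the file to /etc does not by itself put the authentication gpg.conf under root control.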
diff --git a/etc/gnupg-authentication.conf b/etc/gnupg-authentication.conf
new file mode 100644 (file)
index 0000000..760c5e3
--- /dev/null
@@ -0,0 +1,8 @@
+# Monkeysphere authentication GNUPG home gpg.conf
+
+primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
+keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
+
+keyserver hkp://pgp.mit.edu
+
+list-options show-uid-validity
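Review bot: The `keyserver hkp://pgp.mit.edu` line pins the authentication keyring to a plain-HTTP keyserver, so anyone on the network path can withhold key updates and revocations even though they cannot forge certifications. The commit also changes the documented default from subkeys.pgp.net (the `KEYSERVER` entry removed from etc/monkeysphere-server.conf) without saying so, and that removal leaves no pointer to where the keyserver is now set; whether the server script still honours `KEYSERVER` is not visible here. I would add a comment above the line such as `# Keyserver used to fetch and refresh keys (replaces KEYSERVER in monkeysphere-server.conf); hkp is unauthenticated, so withheld or stale revocations are possible`.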
diff --git a/etc/gnupg-host.conf b/etc/gnupg-host.conf
new file mode 100644 (file)
index 0000000..c450910
--- /dev/null
@@ -0,0 +1,3 @@
+# Monkeysphere host GNUPG home gpg.conf
+
+list-options show-uid-validity
index c001f2d11ac01a4c8d3755018f170fb58b965615..adbac7ec474c2879b6aa41200f8b5e24ad3622c1 100644 (file)
@@ -6,13 +6,13 @@
 # prefeced by "MONKEYSPHERE_" will take precedence over the values
 # specified here.
 
+# User who controls the monkeysphere authentication keyring.
+#MONKEYSPHERE_USER=monkeysphere
+
 # Log level.  Can be SILENT, ERROR, INFO, DEBUG, in increasing order
 # of verbosity.
 #LOG_LEVEL=INFO
 
-# GPG keyserver to search for keys.
-#KEYSERVER=subkeys.pgp.net
-
 # Path to authorized_user_ids file to process to create
 # authorized_keys file.  '%h' will be replaced by the home directory
 # of the user, and %u will be replaced by the username of the user.
@@ -27,6 +27,3 @@
 # FIXME: this usage of "-" contravenes the normal convention where "-"
 # means standard in/out.  Why not use "none" or "" instead?
 #RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys"
-
-# User who controls the monkeysphere authentication keyring.
-#MONKEYSPHERE_USER=monkeysphere
index c905f2fa28f7e4f11b1e5c4c0daabad8a02b86d2..d25f0e8ea671b1d781c6b3eb243b9cb18f554864 100644 (file)
@@ -185,6 +185,9 @@ The following environment variables will override those specified in
 the monkeysphere-server.conf configuration file (defaults in
 parentheses):
 .TP
+MONKEYSPHERE_MONKEYSPHERE_USER
+User to control authentication keychain (monkeysphere).
+.TP
 MONKEYSPHERE_LOG_LEVEL
 Set the log level (INFO).  Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in
 increasing order of verbosity.
@@ -199,9 +202,6 @@ Path to user authorized_user_ids file
 MONKEYSPHERE_RAW_AUTHORIZED_KEYS
 Path to user-controlled authorized_keys file.  `-' means not to add
 user-controlled file (%h/.ssh/authorized_keys).
-.TP
-MONKEYSPHERE_MONKEYSPHERE_USER
-User to control authentication keychain (monkeysphere).
 
 .SH FILES
 
@@ -212,6 +212,12 @@ System monkeysphere-server config file.
 /etc/monkeysphere/monkeysphere.conf
 System-wide monkeysphere config file.
 .TP
+/etc/monkeysphere/gnupg-host.conf
+Monkeysphere host GNUPG home gpg.conf
+.TP
+/etc/monkeysphere/gnupg-authentication.conf
+Monkeysphere authentication GNUPG home gpg.conf
+.TP
 /var/lib/monkeysphere/authorized_keys/USER
 Monkeysphere-generated user authorized_keys files.
 .TP