From: Daniel Kahn Gillmor Date: Wed, 3 Sep 2008 22:29:18 +0000 (-0400) Subject: Merge commit 'micah/master' X-Git-Tag: monkeysphere_0.14-1~10^2~1 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=ac8f7d1c1addf1cea1c6ffb071de1fcfdc60931b;hp=6ee744d7995ab3445a0575440f1fe3571fabb78e;p=monkeysphere.git Merge commit 'micah/master' --- diff --git a/Makefile b/Makefile index 1e0b649..ff0ee0c 100644 --- a/Makefile +++ b/Makefile @@ -5,23 +5,20 @@ all: keytrans keytrans: $(MAKE) -C src/keytrans -release: clean +tarball: clean rm -rf monkeysphere-$(MONKEYSPHERE_VERSION) mkdir -p monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../../website/getting-started-user.mdwn ../../website/getting-started-admin.mdwn ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../COPYING ../etc ../Makefile ../man ../src monkeysphere-$(MONKEYSPHERE_VERSION) - tar -ch monkeysphere-$(MONKEYSPHERE_VERSION) | gzip -n > monkeysphere_$(MONKEYSPHERE_VERSION).orig.tar.gz + tar -ch monkeysphere-$(MONKEYSPHERE_VERSION) | gzip -n > monkeysphere_$(MONKEYSPHERE_VERSION).tar.gz rm -rf monkeysphere-$(MONKEYSPHERE_VERSION) -debian-package: release - tar xzf monkeysphere_$(MONKEYSPHERE_VERSION).orig.tar.gz - cp -a debian monkeysphere-$(MONKEYSPHERE_VERSION) - (cd monkeysphere-$(MONKEYSPHERE_VERSION) && debuild -uc -us) - rm -rf monkeysphere-$(MONKEYSPHERE_VERSION) +debian-package: + debuild -uc -us clean: $(MAKE) -C src/keytrans clean # clean up old monkeysphere packages lying around as well. rm -f monkeysphere_* -.PHONY: all clean release debian-package +.PHONY: all clean tarball debian-package diff --git a/debian/changelog b/debian/changelog index 206ddd7..8688b95 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,14 @@ -monkeysphere (0.13~pre-1) UNRELEASED; urgency=low +monkeysphere (0.13-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * tweaks in /usr/bin/monkeysphere to handle odd secret keyrings. + * updated makefile to reflect the package building technique we've been + using for a month now. - -- Daniel Kahn Gillmor Tue, 02 Sep 2008 21:28:51 -0400 + [ Jameson Graef Rollins ] + * move location of user config directory to ~/.monkeysphere. + + -- Daniel Kahn Gillmor Wed, 03 Sep 2008 17:26:10 -0400 monkeysphere (0.12-1) experimental; urgency=low diff --git a/etc/monkeysphere-server.conf b/etc/monkeysphere-server.conf index 1b0ed9f..c001f2d 100644 --- a/etc/monkeysphere-server.conf +++ b/etc/monkeysphere-server.conf @@ -18,7 +18,7 @@ # of the user, and %u will be replaced by the username of the user. # For purely admin-controlled authorized_user_ids, you might put them # in /etc/monkeysphere/authorized_user_ids/%u -#AUTHORIZED_USER_IDS="%h/.config/monkeysphere/authorized_user_ids" +#AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids" # Whether to add user controlled authorized_keys file to # monkeysphere-generated authorized_keys file. Should be path to file diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index b0c896f..cabe953 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -108,13 +108,13 @@ Path to ssh authorized_keys file (~/.ssh/authorized_keys). .SH FILES .TP -~/.config/monkeysphere/monkeysphere.conf +~/.monkeysphere/monkeysphere.conf User monkeysphere config file. .TP /etc/monkeysphere/monkeysphere.conf System-wide monkeysphere config file. .TP -~/.config/monkeysphere/authorized_user_ids +~/.monkeysphere/authorized_user_ids OpenPGP user IDs associated with keys that will be checked for addition to the authorized_keys file. diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 25dfac7..46a9727 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -154,8 +154,8 @@ Remote user's will then be granted access to a local user account based on the appropriately signed and valid keys associated with user IDs listed in the authorized_user_ids file of the local user. By default, the authorized_user_ids file for local users is found in -~/.config/monkeysphere/authorized_user_ids. This can be changed in -the monkeysphere-server.conf file. +~/.monkeysphere/authorized_user_ids. This can be changed in the +monkeysphere-server.conf file. The \fBupdate-users\fP command can then be used to generate authorized_keys file for local users based on the authorized user IDs @@ -191,7 +191,7 @@ OpenPGP keyserver to use (subkeys.pgp.net). .TP MONKEYSPHERE_AUTHORIZED_USER_IDS Path to user authorized_user_ids file -(%h/.config/monkeysphere/authorized_user_ids). +(%h/.monkeysphere/authorized_user_ids). .TP MONKEYSPHERE_RAW_AUTHORIZED_KEYS Path to user-controlled authorized_keys file. `-' means not to add diff --git a/src/monkeysphere b/src/monkeysphere index 471da20..59cb3d6 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -273,7 +273,7 @@ unset AUTHORIZED_KEYS [ -r "${ETC}/monkeysphere.conf" ] && . "${ETC}/monkeysphere.conf" # set monkeysphere home directory -MONKEYSPHERE_HOME=${MONKEYSPHERE_HOME:="${HOME}/.config/monkeysphere"} +MONKEYSPHERE_HOME=${MONKEYSPHERE_HOME:="${HOME}/.monkeysphere"} mkdir -p -m 0700 "$MONKEYSPHERE_HOME" # load local config diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 4c7df19..d2cac0e 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -858,7 +858,7 @@ unset MONKEYSPHERE_USER # defaults LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="subkeys.pgp.net"}} -AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.config/monkeysphere/authorized_user_ids"}} +AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}} RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}} MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}} diff --git a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn index 85f79f1..0630cc4 100644 --- a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn +++ b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn @@ -4,14 +4,14 @@ Currently, monkeysphere-ssh-proxycommand checks the following places to determine which keyserver to use (in order of priority): * environment variable (MONKEYSPHERE_KEYSERVER) - * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * KEYSERVER variable in ~/.monkeysphere/monkeysphere.conf * default value of subkeys.pgp.net It would be useful if monkeysphere also consulted ~/.gnupg/gpg.conf, using the following order instead: * environment variable (MONKEYSPHERE_KEYSERVER) - * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * KEYSERVER variable in ~/.monkeysphere/monkeysphere.conf * keyserver variable in ~/.gnupg/gpg.conf * default value of subkeys.pgp.net diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index 5b05759..65fa893 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -63,7 +63,7 @@ I envision a script you'd invoke like: root@george# addmsuser foo 'Foo T. Bar ' Which would create the `foo` account, populate -`~foo/.config/monkeysphere/authorized_user_ids`, make a note in a log +`~foo/.monkeysphere/authorized_user_ids`, make a note in a log someplace, and send a welcome letter. --dkg diff --git a/website/doc.mdwn b/website/doc.mdwn index 997c34d..18b48a2 100644 --- a/website/doc.mdwn +++ b/website/doc.mdwn @@ -10,8 +10,10 @@ Monkeysphere relies on: ## Getting started ## + * [Downloading and installing](/download) * Getting started as a [user](/getting-started-user) * Getting started as a [server admin](/getting-started-admin) + * [Developing the monkeysphere](/community) ## References ## diff --git a/website/getting-started-admin.mdwn b/website/getting-started-admin.mdwn index 69f498a..0c4fe85 100644 --- a/website/getting-started-admin.mdwn +++ b/website/getting-started-admin.mdwn @@ -57,7 +57,7 @@ users with the Monkeysphere. For each user account on the server, the userids of people authorized to log into that account would be placed in: - ~/.config/monkeysphere/authorized_user_ids + ~/.monkeysphere/authorized_user_ids However, in order for users to become authenticated, the server must determine that the user IDs on their keys have "full" validity. This diff --git a/website/getting-started-user.mdwn b/website/getting-started-user.mdwn index 3f7b689..00b803e 100644 --- a/website/getting-started-user.mdwn +++ b/website/getting-started-user.mdwn @@ -120,7 +120,7 @@ update-authorized_keys command: $ monkeysphere update-authorized_keys This command will take all the user IDs listed in the -`~/.config/monkeysphere/authorized_user_ids` file and check to see if +`~/.monkeysphere/authorized_user_ids` file and check to see if there are acceptable keys for those user IDs available. If so, they will be added to the `~/.ssh/authorized_keys` file. diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index feee9bd..44f50d9 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -8,9 +8,7 @@ We're mirrored on several servers. Rather than using ikiwiki's [pinger/pingee approach to distribution](http://ikiwiki.info/tips/distributed_wikis/), we've opted for a method that uses ssh. -The steps for creating a new mirror are: - -## Steps to take on the mirror server ## +## Initial steps to take on the mirror server ## Add etch-backports to your /etc/apt/sources.list: @@ -50,19 +48,12 @@ Add web site configuration that the user has write access to. If you are using A Upload and edit ikiwiki.setup.sample from the docs directory -As the new user, create two new git repos - - mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ - git clone monkeysphere.git # this will create a second git repo called monkeysphere - -Change the mode of monkeysphere.git/hooks/post-receive to 755 +As the new user, create a git repo - chmod 755 monkesphere.git/hooks/post-receive + mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; -Edit the file so that it executes the post-receive hook ikiwiki generates (as -you specified in the ikiwiki.setup file) -## Admin steps to take to enable the configuration ## +## Initial Admin steps to take to enable the configuration ## Add a new dns record for SERVERNAME.monkeysphere.info. @@ -73,9 +64,35 @@ Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git cd ~/monkeysphere.git git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo +Modify ~/monkeysphere.git/config, so the new repo stanza looks like this: + + [remote "SERVERNAME"] + url = USER@SERVERNAME.monkeysphere.info:monkeysphere.git + push = +refs/heads/master + skipDefaultUpdate = true + Test: git push SERVERNAME - +## Final steps to take on mirror server ## + +At this point, you should have a populated git repo in your +monkeyshere.git directory. + +Change the mode of monkeysphere.git/hooks/post-receive to 755 + + chmod 755 monkesphere.git/hooks/post-receive + +Edit the file so that it executes the post-receive hook ikiwiki generates (as +you specified in the ikiwiki.setup file) + +Next, clone the repository: + + clone monkeysphere.git monkeysphere + +And lastly, run ikiwiki manually to generate the post-receive hook: + + ikiwiki --setup ikiwiki.setup +