From ebd776722e0fd6dfacc79146c368d148f0e266cb Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 1 Mar 2009 14:53:37 -0500 Subject: [PATCH] break out default variables into their own file: defaultenv this allows the common file to be sourced without reseting variables to their defaults, which was causing a problem with su_monkeysphere_user. also added some more debug messages. --- Makefile | 1 + src/monkeysphere | 3 ++- src/monkeysphere-authentication | 3 ++- src/monkeysphere-host | 3 ++- src/share/common | 34 +++++++++------------------------ src/share/ma/update_users | 1 + tests/basic | 1 - 7 files changed, 17 insertions(+), 29 deletions(-) diff --git a/Makefile b/Makefile index 07e8fb9..9873d32 100755 --- a/Makefile +++ b/Makefile @@ -52,6 +52,7 @@ install: all installman install src/monkeysphere $(DESTDIR)$(PREFIX)/bin install src/monkeysphere-host src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere + install -m 0644 src/share/defaultenv $(DESTDIR)$(PREFIX)/share/monkeysphere install -m 0755 src/share/keytrans $(DESTDIR)$(PREFIX)/share/monkeysphere ln -s ../share/monkeysphere/keytrans $(DESTDIR)$(PREFIX)/bin/pem2openpgp ln -s ../share/monkeysphere/keytrans $(DESTDIR)$(PREFIX)/bin/openpgp2ssh diff --git a/src/monkeysphere b/src/monkeysphere index 2d54376..8d59d08 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -18,7 +18,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" # sharedir for host functions MSHAREDIR="${SYSSHAREDIR}/m" diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index c5c48d5..3344f38 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -21,7 +21,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 9e4a8c4..b9a15ae 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -21,7 +21,8 @@ PGRM=$(basename $0) SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 +. "${SYSSHAREDIR}/defaultenv" +. "${SYSSHAREDIR}/common" SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR diff --git a/src/share/common b/src/share/common index a9d23b2..1cdd549 100644 --- a/src/share/common +++ b/src/share/common @@ -13,28 +13,6 @@ # all-caps variables are meant to be user supplied (ie. from config # file) and are considered global -######################################################################## -### COMMON VARIABLES - -# managed directories -SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} -export SYSCONFIGDIR - -# default log level -LOG_LEVEL="INFO" - -# default keyserver -KEYSERVER="pool.sks-keyservers.net" - -# whether or not to check keyservers by defaul -CHECK_KEYSERVER="true" - -# default monkeysphere user -MONKEYSPHERE_USER="monkeysphere" - -# default about whether or not to prompt -PROMPT="true" - ######################################################################## ### UTILITY FUNCTIONS @@ -461,6 +439,7 @@ check_key_file_permissions() { # return zero if all clear, or go to next path if [ "$path" = '/' ] ; then + log debug "path ok." return 0 else check_key_file_permissions "$uname" $(dirname "$path") @@ -926,7 +905,8 @@ process_known_hosts() { failure "known_hosts file '$KNOWN_HOSTS' does not exist." fi - log debug "processing known_hosts file..." + log debug "processing known_hosts file:" + log debug " $KNOWN_HOSTS" hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ') @@ -1014,6 +994,9 @@ update_authorized_keys() { nIDsOK=0 nIDsBAD=0 + log debug "updating authorized_keys file:" + log debug " $AUTHORIZED_KEYS" + # check permissions on the authorized_keys file path check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure @@ -1087,11 +1070,12 @@ process_authorized_user_ids() { failure "authorized_user_ids file '$authorizedUserIDs' does not exist." fi + log debug "processing authorized_user_ids file:" + log debug " $authorizedUserIDs" + # check permissions on the authorized_user_ids file path check_key_file_permissions "$USER" "$authorizedUserIDs" || failure - log debug "processing authorized_user_ids file..." - if ! meat "$authorizedUserIDs" > /dev/null ; then log debug " no user IDs to process." return diff --git a/src/share/ma/update_users b/src/share/ma/update_users index c180b56..3a5c006 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -80,6 +80,7 @@ for uname in $unames ; do # translating ssh-style path variables authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS") if [ -s "$authorizedUserIDs" ] ; then + log debug "authorized_user_ids file found." # check permissions on the authorized_user_ids file path if check_key_file_permissions "$uname" "$authorizedUserIDs" ; then # copy user authorized_user_ids file to temporary diff --git a/tests/basic b/tests/basic index f6d1f3b..7277168 100755 --- a/tests/basic +++ b/tests/basic @@ -275,7 +275,6 @@ monkeysphere-authentication update-users $(whoami) # FIXME: this is maybe not failing properly for: # ms: improper group or other writability on path '/tmp'. - ###################################################################### ### TESTS -- 2.25.1