add ability to bypass prompting with a MONKEYSPHERE_PROMPT variable,
[monkeysphere.git] / src / monkeysphere-authentication
index 4a09527add0f95a77eeec2f3e1be26169294da98..c349e6fc93c3c062e07b0d5c4f60b3ca2f7daf07 100755 (executable)
@@ -86,8 +86,8 @@ gpg_sphere() {
     su_monkeysphere_user "gpg $@"
 }
 
-# load the core fingerprint into the fingerprint variable, using the
-# gpg host secret key
+# output to stdout the core fingerprint from the gpg core secret
+# keyring
 core_fingerprint() {
     log debug "determining core key fingerprint..."
     gpg_core --quiet --list-secret-key \
@@ -95,6 +95,14 @@ core_fingerprint() {
        | grep ^fpr: | cut -d: -f10
 }
 
+# fail if authentication has not been setup
+check_no_setup() {
+    # FIXME: what is the right test to do here?
+    [ -d "$MADATADIR" ] \
+       || failure "This host appears to have not yet been set up for Monkeysphere authentication.
+Please run 'monkeysphere-authentication setup' first."
+}
+
 # export signatures from core to sphere
 gpg_core_sphere_sig_transfer() {
     log debug "exporting core local sigs to sphere..."
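Review bot: The `[ -d "$MADATADIR" ]` test in check_no_setup only shows that the data directory exists, which the FIXME already doubts. A directory created by packaging or by an interrupted setup would pass, and the certifier and update commands would then run against keyrings that have no core key. Assuming setup is what creates the core secret key, and that core_fingerprint prints nothing else on stdout, a stronger test is `[ -d "$MADATADIR" ] && [ -n "$(core_fingerprint)" ] || failure "..."` with the existing message. The name also reads inverted for a function that fails when setup is missing; something like `check_setup` would say what it asserts.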
@@ -106,11 +114,14 @@ gpg_core_sphere_sig_transfer() {
 # MAIN
 ########################################################################
 
-# unset variables that should be defined only in config file
+# unset variables that should be defined only in config file of in
+# MONKEYSPHERE_ variables
+unset LOG_LEVEL
 unset KEYSERVER
 unset AUTHORIZED_USER_IDS
 unset RAW_AUTHORIZED_KEYS
 unset MONKEYSPHERE_USER
+unset PROMPT
 
 # load configuration file
 [ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG"
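Review bot: The rewritten comment above the unset block has a typo ("of in" for "or in") and does not say why the variables are cleared. Since LOG_LEVEL and PROMPT are common names that may already be present in a caller's environment, the reason is worth stating. Suggested wording: `# unset variables that may only be set in the config file or through` / `# MONKEYSPHERE_ variables, so stray values inherited from the caller's environment are ignored`.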
@@ -122,6 +133,7 @@ KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
 RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
 MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}}
 
 # other variables
 CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
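Review bot: On the added `PROMPT=` line, MONKEYSPHERE_PROMPT from the environment takes precedence over the config file and the result is neither validated nor logged. The code that reads PROMPT is outside this diff, but if it compares against "true", any other value (a typo included) would silently turn confirmation off for trust-changing commands such as add-identity-certifier. I would reject unexpected values right after the assignment with `case "$PROMPT" in true|false) ;; *) failure "PROMPT must be 'true' or 'false'." ;; esac`, and record the non-interactive case with `[ "$PROMPT" = "true" ] || log debug "prompting disabled by configuration or environment"`. The man page should also state that this variable removes the operator confirmation step, so it is only set deliberately in scripted runs.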
@@ -134,8 +146,9 @@ CORE_KEYLENGTH=${MONKEYSPHERE_CORE_KEYLENGTH:="2048"}
 export DATE
 export MODE
 export LOG_LEVEL
-export MONKEYSPHERE_USER
 export KEYSERVER
+export MONKEYSPHERE_USER
+export PROMPT
 export CHECK_KEYSERVER
 export REQUIRED_USER_KEY_CAPABILITY
 export GNUPGHOME_CORE
@@ -155,21 +168,25 @@ case $COMMAND in
        ;;
 
     'update-users'|'update-user'|'u')
+       check_no_setup
        source "${MASHAREDIR}/update_users"
        update_users "$@"
        ;;
 
     'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+')
+       check_no_setup
        source "${MASHAREDIR}/add_certifier"
        add_certifier "$@"
        ;;
 
     'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-')
+       check_no_setup
        source "${MASHAREDIR}/remove_certifier"
        remove_certifier "$@"
        ;;
 
     'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c')
+       check_no_setup
        source "${MASHAREDIR}/list_certifiers"
        list_certifiers "$@"
        ;;
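Review bot: check_no_setup is opted into branch by branch, so a subcommand added later runs without the guard unless its author remembers the call. The same pattern appears in the gpg-cmd branch of the following hunk. The case statement starts outside this hunk, so which commands are meant to be exempt is not visible here; a comment above it would make the rule explicit, for example `# every command that reads or modifies the keyrings must call check_no_setup first; only setup and informational commands are exempt`. If the exempt list is short, inverting the logic is less error-prone: call the check once before the case statement and skip it only for the named exceptions.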
@@ -180,6 +197,7 @@ case $COMMAND in
        ;;
 
     'gpg-cmd')
+       check_no_setup
        gpg_sphere "$@"
        ;;