### transfer identity certifiers, if they don't already exist in the
### current setup:
- if [ monkeysphere-authentication list-identity-certifiers | \
- grep -q '^[A-F0-9]{40}:$' ] ; then
+ if monkeysphere-authentication list-identity-certifiers | \
+ grep -q '^[A-F0-9]{40}:$' ; then
log 'There are already certifiers in the new system!\nNot transferring any certifiers.\n'
else
# get the old host keygrip (don't know why there would be more
# than one, but we'll transfer all tsigs made by any key that
# had been given ultimate ownertrust):
- for authgrip in $(GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --export-ownertrust | \
- grep ':6:$'
+ for authgrip in $(GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export-ownertrust | \
+ grep ':6:$' | \
sed -r 's/^[A-F0-9]{24}([A-F0-9]{16}):6:$/\1/') ; do
# we're assuming that old id certifiers were only added by old
# one of those certifications (even if later
# certifications had different parameters).
- GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --fingerprint --with-colons --fixed-list-mode --check-sigs | \
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --fingerprint --with-colons --fixed-list-mode --check-sigs | \
cut -f 1,2,5,8,9,10 -d: | \
egrep '^(fpr:::::|sig:!:'"$authgrip"':[[:digit:]]+ [[:digit:]]+:)' | \
while IFS=: read -r type validity grip trustparams trustdomain fpr ; do
CERTKEY=$(mktemp ${TMPDIR:-/tmp}/mstransition.XXXXXXXX)
log "Adding identity certifier with fingerprint %s\n" "$keyfpr"
- GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --export "0x$keyfpr" --export-clean >"$CERTKEY"
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export "0x$keyfpr" --export-clean >"$CERTKEY"
MONKEYSPHERE_PROMPT=false monkeysphere-authentication add-identity-certifier $finaldomain --trust "$truststring" --depth "$trustdepth" "$CERTKEY"
rm -f "$CERTKEY"
# clear the fingerprint so that we don't
# make additional tsigs on it if more uids
# are present:
- $keyfpr=
+ keyfpr=
fi
;;
esac
log "Not transferring host key info because host directory already exists.\n"
else
if [ -s "$SYSDATADIR"/ssh_host_rsa_key ] || \
- GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --with-colons --list-secret-keys | grep -q '^sec:' ; then
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --with-colons --list-secret-keys | grep -q '^sec:' ; then
# create host home
mkdir -p "${MHDATADIR}"
chmod 0700 "${MHDATADIR}"
log "importing host key from old monkeysphere installation\n"
- GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --export-secret-keys \
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --no-permission-warning --export-secret-keys | \
GNUPGHOME="$MHDATADIR" gpg --import
monkeysphere-host update-gpg-pub-file
projects / monkeysphere.git / commitdiff