7 # Mark Huang <mlhuang@cs.princeton.edu>
8 # Copyright (C) 2006 The Trustees of Princeton University
10 # $Id: gpg,v 1.3 2006/05/08 18:16:33 mlhuang Exp $
13 # Source function library and configuration
# Both files are sourced, so their contents run inside this shell with this
# script's privileges.
# NOTE(review): the $PLC_* variables used further down presumably come from
# plc_config - confirm. Because the script creates device nodes and uses
# /root as the GnuPG home directory, both files should be writable only by
# the account that runs it.
14 . /etc/plc.d/functions
15 . /etc/planetlab/plc_config
# Generate a new key pair when either the public or the secret keyring file
# is missing.
# NOTE(review): the two expansions are unquoted and joined with `-o`; an
# empty or whitespace-containing path changes how `[` parses the test.
# Quoting each variable and using two tests joined with `||` avoids that.
19 if [ ! -f $PLC_ROOT_GPG_KEY_PUB -o ! -f $PLC_ROOT_GPG_KEY ] ; then
20 # Generate new GPG keyring
21 MESSAGE=$"Generating GPG keys"
# Create the parent directories of both keyring files. They get whatever
# mode the current umask allows; the secret keyring's directory is not
# tightened anywhere in the lines shown here.
24 mkdir -p $(dirname $PLC_ROOT_GPG_KEY_PUB)
25 mkdir -p $(dirname $PLC_ROOT_GPG_KEY)
27 # Temporarily replace /dev/random with /dev/urandom to
28 # avoid running out of entropy.
# Character device 1,9 is urandom and 1,8 is random; the second mknod after
# key generation puts the original node back.
# NOTE(review): this swaps the node for every process on the host, not only
# for gpg, and nothing visible here restores it if the script stops between
# the two mknod calls - a trap that recreates the 1,8 node would close that
# window. mknod fails when the path exists, so /dev/random is presumably
# removed on a line not shown - confirm.
30 mknod /dev/random c 1 9
# Unattended key generation: the parameters come from the here-document and
# %pubring/%secring send the new keys to the PLC keyring files.
# NOTE(review): key type, length and any passphrase setting are on parameter
# lines not shown here. The files get their final modes (644 public, 600
# secret) only from the chmod calls after gpg returns; a `umask 077` set
# before this command would not depend on that later step.
31 gpg --homedir=/root --no-tty --yes \
32 --batch --gen-key <<EOF
37 Name-Real: $PLC_NAME Central
38 Name-Comment: http://$PLC_WWW_HOST/
39 Name-Email: $PLC_MAIL_SUPPORT_ADDRESS
41 %pubring $PLC_ROOT_GPG_KEY_PUB
42 %secring $PLC_ROOT_GPG_KEY
47 mknod /dev/random c 1 8
48 chmod 644 $PLC_ROOT_GPG_KEY_PUB
49 chmod 600 $PLC_ROOT_GPG_KEY
# Update path: look up the existing key so that its user ID can be edited.
54 MESSAGE=$"Updating GPG keys"
57 # Get the current GPG fingerprint
# Fallback value: if no `pub` record is read below, the support e-mail
# address is what reaches `--edit-key`, so the key is then selected by
# user-ID match rather than by key ID.
58 fingerprint=$PLC_MAIL_SUPPORT_ADDRESS
# Reads gpg's --with-colons listing one record at a time into an array.
# NOTE(review): splitting on ':' requires IFS to be set accordingly, which
# presumably happens on a line not shown here - confirm. In the colon format
# the fifth field of a `pub` record is the key ID (the full fingerprint is
# carried on the `fpr` record), so despite its name this variable holds a
# key ID.
61 while read -a fields ; do
62 if [ "${fields[0]}" = "pub" ] ; then
63 fingerprint=${fields[4]}
# --no-default-keyring limits the listing to the two PLC keyring files, so
# keys in the default keyring under /root are not considered.
# NOTE(review): the keyring paths are expanded unquoted.
67 gpg --homedir=/root --no-tty --yes \
68 --no-default-keyring --keyring $PLC_ROOT_GPG_KEY_PUB --secret-keyring $PLC_ROOT_GPG_KEY \
69 --list-public-keys --with-colons
74 # GPG UIDs cannot and should not normally be changed, but
75 # since we do not certify signatures, we can effectively
76 # change it by adding a new one and deleting the old one.
77 gpg --homedir=/root --no-tty --yes \
78 --no-default-keyring --keyring $PLC_ROOT_GPG_KEY_PUB --secret-keyring $PLC_ROOT_GPG_KEY \
79 --command-fd 0 --status-fd 1 --edit-key $fingerprint <<EOF
82 $PLC_MAIL_SUPPORT_ADDRESS