7 # Mark Huang <mlhuang@cs.princeton.edu>
8 # Copyright (C) 2006 The Trustees of Princeton University
10 # $Id: gpg,v 1.4 2006/05/17 20:47:59 mlhuang Exp $
13 # Source function library and configuration
14 . /etc/plc.d/functions
15 . /etc/planetlab/plc_config
19 if [ ! -f $PLC_ROOT_GPG_KEY_PUB -o ! -f $PLC_ROOT_GPG_KEY ] ; then
20 # Generate new GPG keyring
21 MESSAGE=$"Generating GPG keys"
24 mkdir -p $(dirname $PLC_ROOT_GPG_KEY_PUB)
25 mkdir -p $(dirname $PLC_ROOT_GPG_KEY)
27 # Temporarily replace /dev/random with /dev/urandom to
28 # avoid running out of entropy.
30 mknod /dev/random c 1 9
31 gpg --homedir=/root --no-tty --yes \
32 --batch --gen-key <<EOF
37 Name-Real: $PLC_NAME Central
38 Name-Comment: http://$PLC_WWW_HOST/
39 Name-Email: $PLC_MAIL_SUPPORT_ADDRESS
41 %pubring $PLC_ROOT_GPG_KEY_PUB
42 %secring $PLC_ROOT_GPG_KEY
47 mknod /dev/random c 1 8
48 chmod 644 $PLC_ROOT_GPG_KEY_PUB
49 chmod 600 $PLC_ROOT_GPG_KEY
52 MESSAGE=$"Updating GPG keys"
55 # Get the current GPG fingerprint and comment
58 while read -a fields ; do
59 if [ "${fields[0]}" = "pub" ] ; then
60 fingerprint=${fields[4]}
62 comment=${fields[9]/\x3a/:}
66 gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
67 --list-public-keys --with-colons
72 # Add a new UID if appropriate
73 if [ "$comment" != "$PLC_NAME Central (http://$PLC_WWW_HOST/) <$PLC_MAIL_SUPPORT_ADDRESS>" ] ; then
74 gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
75 --command-fd 0 --status-fd 1 --edit-key $fingerprint <<EOF
78 $PLC_MAIL_SUPPORT_ADDRESS
86 # Install the key in the RPM database
87 mkdir -p /etc/pki/rpm-gpg
88 gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
89 --export --armor >"/etc/pki/rpm-gpg/RPM-GPG-KEY-$PLC_NAME"
91 if rpm -q gpg-pubkey ; then
92 rpm --allmatches -e gpg-pubkey
95 rpm --import /etc/pki/rpm-gpg/*