X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=omf%2Fexport-omf.sh;h=25362d5ca6c79193cc4e9df0ac5681eb76255619;hb=HEAD;hp=2003228e1a71c8501d665b58b068aa0a124a0165;hpb=d8a22084b608ce6d8388f3fb0001ee055d57dc17;p=infrastructure.git diff --git a/omf/export-omf.sh b/omf/export-omf.sh index 2003228..25362d5 100755 --- a/omf/export-omf.sh +++ b/omf/export-omf.sh @@ -1,14 +1,65 @@ #!/bin/bash +# # to be run on www.planet-lab.eu where the CERTH key was imported +# triggered by /etc/cron.d/export-nitos.cron +# +# (*) initialized gpg with the gpg rings found in /etc/planetlab +# ple-www.pl.sophia.inria.fr ~ # ls -ld .gnupg .gnupg/*ring.gpg +# drwx------ 2 root root 4096 Jun 17 16:11 .gnupg +# -rw------- 1 root root 28357 Jun 17 16:11 .gnupg/pubring.gpg +# -rw------- 1 root root 47028 Jun 16 16:43 .gnupg/secring.gpg# +# +# (*) used NITOS indications to locate armored key +# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4646985724FAFE07 +# +# (*) stored that in /etc/planetlab/Nitlab.key +# +# (*) gpg --import /etc/planetlab/Nitlab.key +# +# (*) signed the snipped version and published it to NITOS +# +#################### +# (*) upon reception of their acknowledgement, which establishes trust +# sign and trust the key: +# [boot-planet-lab-eu] ~/.gnupg # gpg --edit-key CERTH +# gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc. +# +# +# +# Command> sign +# +# +# +# Really sign? (y/N) y +# +# Command> trust +# +# +# +# 1 = I don't know or won't say +# 2 = I do NOT trust +# 3 = I trust marginally +# 4 = I trust fully +# 5 = I trust ultimately +# m = back to the main menu +# +# Your decision? 5 +# Do you really want to set this key to ultimate trust? (y/N) y +# +# +# +# Command> q +# Save changes? (y/N) y +# [boot-planet-lab-eu] ~/.gnupg # + DIRNAME=$(dirname $0) cd $DIRNAME -# refresh EXPORT and EXPORT.snip with the python script - -plcsh ./export-omf.py -- -n EXPORT.snip -plcsh ./export-omf.py -- EXPORT +# refresh the gpg encrypted version of the export file +mv -f EXPORT.nitlab.gpg EXPORT.nitlab.gpg.bak +plcsh ./export-omf.py | gpg -r CERTH -e --output EXPORT.nitlab.gpg -yes | gpg -r CERTH -e < EXPORT.snip > EXPORT.snip.nitlab -yes | gpg -r CERTH -e < EXPORT > EXPORT.nitlab +# publish under /var/www/html/download/EXPORT.nitlab +cp EXPORT.nitlab.gpg /var/www/html/download/EXPORT.nitlab.gpg