X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=omf%2Fexport-omf.sh;h=25362d5ca6c79193cc4e9df0ac5681eb76255619;hb=a8aa1baef6f4d1df60f44d1d542912acff913226;hp=8d881ad8cd74096f239a01368db8d5ace203dde8;hpb=689defdf98d5b4c9698c0f64beff4ef61055cac9;p=infrastructure.git diff --git a/omf/export-omf.sh b/omf/export-omf.sh index 8d881ad..25362d5 100755 --- a/omf/export-omf.sh +++ b/omf/export-omf.sh @@ -1,5 +1,13 @@ #!/bin/bash -# to be run on {www,boot}.planet-lab.eu where the CERTH key was imported +# +# to be run on www.planet-lab.eu where the CERTH key was imported +# triggered by /etc/cron.d/export-nitos.cron +# +# (*) initialized gpg with the gpg rings found in /etc/planetlab +# ple-www.pl.sophia.inria.fr ~ # ls -ld .gnupg .gnupg/*ring.gpg +# drwx------ 2 root root 4096 Jun 17 16:11 .gnupg +# -rw------- 1 root root 28357 Jun 17 16:11 .gnupg/pubring.gpg +# -rw------- 1 root root 47028 Jun 16 16:43 .gnupg/secring.gpg# # # (*) used NITOS indications to locate armored key # http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4646985724FAFE07 @@ -9,14 +17,48 @@ # (*) gpg --import /etc/planetlab/Nitlab.key # # (*) signed the snipped version and published it to NITOS -# upon reception of their acknowledgement we can sign the key -# (which hopefully will remove the need for typing 'y' hehe) +# +#################### +# (*) upon reception of their acknowledgement, which establishes trust +# sign and trust the key: +# [boot-planet-lab-eu] ~/.gnupg # gpg --edit-key CERTH +# gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc. +# +# +# +# Command> sign +# +# +# +# Really sign? (y/N) y +# +# Command> trust +# +# +# +# 1 = I don't know or won't say +# 2 = I do NOT trust +# 3 = I trust marginally +# 4 = I trust fully +# 5 = I trust ultimately +# m = back to the main menu +# +# Your decision? 5 +# Do you really want to set this key to ultimate trust? (y/N) y +# +# +# +# Command> q +# Save changes? (y/N) y +# [boot-planet-lab-eu] ~/.gnupg # + DIRNAME=$(dirname $0) cd $DIRNAME # refresh the gpg encrypted version of the export file +mv -f EXPORT.nitlab.gpg EXPORT.nitlab.gpg.bak plcsh ./export-omf.py | gpg -r CERTH -e --output EXPORT.nitlab.gpg # publish under /var/www/html/download/EXPORT.nitlab