Refresh gpg keys for all users
This commit is contained in:
Bob Mottram
parent
110a2f08d4
commit
a4415c5de4
|
|
@ -5314,8 +5314,12 @@ function configure_gpg {
|
|||
}
|
||||
|
||||
function refresh_gpg_keys {
|
||||
if ! grep -q "gpg --refresh-keys" /etc/crontab; then
|
||||
echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $MY_USERNAME /usr/bin/gpg --refresh-keys > /dev/null" >> /etc/crontab
|
||||
if ! grep -q "${PROJECT_NAME}-sec --refresh" /etc/crontab; then
|
||||
if [ -f /usr/local/bin/freedombone-sec ]; then
|
||||
echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $MY_USERNAME /usr/local/bin/${PROJECT_NAME}-sec --refresh > /dev/null" >> /etc/crontab
|
||||
else
|
||||
echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $MY_USERNAME /usr/bin/${PROJECT_NAME}-sec --refresh > /dev/null" >> /etc/crontab
|
||||
fi
|
||||
systemctl restart cron
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
|
|
@ -617,7 +617,7 @@ function enable_monkeysphere {
|
|||
# The admin user is the identity certifier
|
||||
fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
|
||||
monkeysphere-authentication add-identity-certifier $fpr
|
||||
monkeysphere-host publish-key
|
||||
monkeysphere-host publish-key
|
||||
else
|
||||
sed -i 's|#AuthorizedKeysFile|AuthorizedKeysFile|g' /etc/ssh/sshd_config
|
||||
sed -i 's|AuthorizedKeysFile.*|AuthorizedKeysFile %h/.ssh/authorized_keys|g' /etc/ssh/sshd_config
|
||||
|
|
@ -851,6 +851,16 @@ function export_settings {
|
|||
exit 0
|
||||
}
|
||||
|
||||
function refresh_gpg_keys {
|
||||
for d in /home/*/ ; do
|
||||
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
|
||||
if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
|
||||
su -c 'gpg --refresh-keys' - $USERNAME
|
||||
fi
|
||||
done
|
||||
exit 0
|
||||
}
|
||||
|
||||
function show_help {
|
||||
echo ''
|
||||
echo "${PROJECT_NAME}-sec"
|
||||
|
|
@ -861,6 +871,7 @@ function show_help {
|
|||
echo $' -h --help Show help'
|
||||
echo $' -e --export Export security settings to a file'
|
||||
echo $' -i --import Import security settings from a file'
|
||||
echo $' -r --refresh Refresh GPG keys for all users'
|
||||
echo ''
|
||||
exit 0
|
||||
}
|
||||
|
|
@ -885,6 +896,10 @@ case $key in
|
|||
shift
|
||||
IMPORT_FILE="$1"
|
||||
;;
|
||||
# Refresh GPG keys
|
||||
-r|--refresh)
|
||||
refresh_gpg_keys
|
||||
;;
|
||||
*)
|
||||
# unknown option
|
||||
;;
|
||||
|
|
|
|||
Loading…
Reference in New Issue