diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/ChangeLog | 5 | ||||
| -rw-r--r-- | tools/Makefile.am | 6 | ||||
| -rwxr-xr-x | tools/applygnupgdefaults | 83 |
3 files changed, 91 insertions, 3 deletions
diff --git a/tools/ChangeLog b/tools/ChangeLog index 56247c6d8..c369506ae 100644 --- a/tools/ChangeLog +++ b/tools/ChangeLog @@ -1,3 +1,8 @@ +2007-03-07 Werner Koch <[email protected]> + + * applygnupgdefaults: New. + * Makefile.am (sbin_SCRIPTS): Add it + 2007-03-06 Werner Koch <[email protected]> * gpgconf-comp.c: Include pwd.h and grp.h. diff --git a/tools/Makefile.am b/tools/Makefile.am index 11abca701..d3c355662 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -1,5 +1,5 @@ # Makefile.am - Tools directory -# Copyright (C) 2003 Free Software Foundation, Inc. +# Copyright (C) 2003, 2007 Free Software Foundation, Inc. # # This file is part of GnuPG. # @@ -20,7 +20,7 @@ EXTRA_DIST = \ Manifest watchgnupg.c \ - addgnupghome gpgsm-gencert.sh \ + addgnupghome applygnupgdefaults gpgsm-gencert.sh \ lspgpot mail-signed-keys convert-from-106 @@ -29,7 +29,7 @@ include $(top_srcdir)/am/cmacros.am AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS) -sbin_SCRIPTS = addgnupghome +sbin_SCRIPTS = addgnupghome applygnupgdefaults bin_SCRIPTS = gpgsm-gencert.sh if HAVE_USTAR diff --git a/tools/applygnupgdefaults b/tools/applygnupgdefaults new file mode 100755 index 000000000..882189c0c --- /dev/null +++ b/tools/applygnupgdefaults @@ -0,0 +1,83 @@ +#!/bin/sh +# Apply defaults from/etc/gnupg/gpg.conf to all users -*- sh -*- +# +# Copyright 2007 Free Software Foundation, Inc. +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This file is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +PGM=applygnupgdefaults +errorfile= + +error () { + echo "$PGM: $*" >&2 + echo "$PGM: $*" >>$errorfile +} + +info () { + echo "$PGM: $*" >&2 +} + +if [ -n "$1" ]; then + echo "usage: $PGM" >&2 + exit 1 +fi + +# Cleanup on exit +cleanup () +{ + [ -n "$errorfile" -a -f "$errorfile" ] && rm "$errorfile" +} +trap cleanup EXIT SIGINT SIGHUP SIGPIPE +errorfile="/tmp/$PGM.$$.log" +: >$errorfile + + +# Check whether we can use getent +if getent --help </dev/null >/dev/null 2>&1 ; then + cat_passwd='getent passwd' +else + cat_passwd='cat /etc/passwd' + info "please note that only users from /etc/passwd are processed" +fi + +if [ ! -f /etc/gnupg/gpgconf.conf ]; then + error "global configuration file \`/etc/gnupg/gpgconf.conf' does not exist" + exit 1 +fi +if [ ! -f /etc/shells ]; then + error "missing file \`/etc/shells'" + exit 1 +fi + +if [ $(id -u) -ne 0 ]; then + error "needs to be run as root" + exit 1 +fi + +${cat_passwd} \ + | while IFS=: read -r user dmy_a uid dmy_c dmy_d home shell dmy_rest; do + # Process only entires with a valid login shell + grep </etc/shells "^$shell" 2>/dev/null >/dev/null || continue + # and with an existant gnupg home directory + [ -d "$home/.gnupg" ] || continue + # but not root + [ "${uid:-0}" -eq 0 ] && continue + info "running \"gpgconf --apply-defaults\" for $user" + if su -l -s /bin/sh \ + -c 'gpgconf --apply-defaults && echo SUCCESS' $user \ + | tail -1 | grep ^SUCCESS >/dev/null ; then + : + else + error "failed to update gnupg defaults for $user" + fi +done + +[ "$(wc -c <$errorfile)" -gt 0 ] && exit 1 +exit 0 + |