### -*-sh-*-
+## Set up configuration.
+ca_user=ca ca_group=ca ca_owner=root
+if [ -f etc/config ]; then . etc/config; fi
+
runas_ca () {
## runas_ca
##
## to run as root against untrusted input -- especially OpenSSL's one.
case $(id -un) in
- ca) ;;
- *) exec sudo -u ca "$0" "$@" ;;
+ $ca_user) ;;
+ *) exec sudo -u $ca_user "$0" "$@" ;;
esac
}