bin/make-ca-key, lib/func.sh: Make user and group names configurable.

[ca] / lib / func.sh

diff --git a/lib/func.sh b/lib/func.sh
index 3cfd55e..90e643c 100644 (file)
--- a/lib/func.sh
+++ b/lib/func.sh
@@ -1,5 +1,9 @@
 ### -*-sh-*-
 
+## Set up configuration.
+ca_user=ca ca_group=ca ca_owner=root
+if [ -f etc/config ]; then . etc/config; fi
+
 runas_ca () {
   ## runas_ca
   ##
@@ -7,8 +11,8 @@ runas_ca () {
   ## to run as root against untrusted input -- especially OpenSSL's one.
 
   case $(id -un) in
-    ca) ;;
-    *) exec sudo -u ca "$0" "$@" ;;
+    $ca_user) ;;
+    *) exec sudo -u $ca_user "$0" "$@" ;;
   esac
 }