### Main driver program and commands.
## Main driver.
-bin_SCRIPTS += keys
+sbin_SCRIPTS += keys
EXTRA_DIST += keys.in
CLEANFILES += keys
keys: keys.in Makefile
### Crypto operations.
## Main driver program.
-sbin_SCRIPTS += cryptop
+bin_SCRIPTS += cryptop
EXTRA_DIST += cryptop.in
CLEANFILES += cryptop
cryptop: cryptop.in Makefile
EXTRA_DIST += debian/distorted-keys.install
EXTRA_DIST += debian/distorted-keys.postinst
+EXTRA_DIST += debian/admin.users debian/admin.groups
+
###----- That's all, folks --------------------------------------------------
usage="usage: $quis COMMAND [ARGUMENTS ...]"
prefix=cryptop
+runas @user@ cryptop "$@"
+
## Parse options.
while getopts "hv" opt; do
case "$opt" in
--- /dev/null
+### -*-conf-*-
+###
+### Groups with administrative privileges, one per line.
--- /dev/null
+### -*-conf-*-
+###
+### Users with administrative privileges, one per line.
+
+root
debian/build/userv/distorted-keys /etc/userv/default.d
+debian/admin.users /etc/distorted-keys
+debian/admin.groups /etc/distorted-keys
knub=$KEYS/nub/$kowner/$klabel
}
+runas () {
+ user=$1 service=$2; shift 2
+ ## If the current (effective) user is not USER then reinvoke via `userv',
+ ## as the specified service, with the remaining arguments.
+
+ case $(id -un) in
+ "$user") ;;
+ *) exec userv "$user" "$service" "$@" ;;
+ esac
+}
+
###--------------------------------------------------------------------------
### Input validation functions.
usage="usage: $quis COMMAND [ARGUMENTS ...]"
prefix=keys
+runas @user@ keys "$@"
+
## Parse options.
while getopts "hv" opt; do
case "$opt" in
require-fd 1-2 write
ignore-fd 3-
no-set-environment
- execute @sbindir@/cryptop
+ execute @bindir@/cryptop
+fi
+
+###--------------------------------------------------------------------------
+### Key administration operations.
+
+if ( glob service keys
+ & glob service-user @user@
+ & ( grep calling-user @pkgconfdir@/admin.users
+ | grep calling-group @pkgconfdir@/admin.groups
+ )
+ )
+ no-suppress-args
+ require-fd 0 read
+ require-fd 1-2 write
+ ignore-fd 3-
+ no-set-environment
+ execute @sbindir@/keys
fi
###--------------------------------------------------------------------------