--- /dev/null
+#! /bin/sh
+###
+### Delete a keeper set
+###
+### (c) 2012 Mark Wooding
+###
+
+###----- Licensing notice ---------------------------------------------------
+###
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
+### it under the terms of the GNU General Public License as published by
+### the Free Software Foundation; either version 2 of the License, or
+### (at your option) any later version.
+###
+### distorted-keys is distributed in the hope that it will be useful,
+### but WITHOUT ANY WARRANTY; without even the implied warranty of
+### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+### GNU General Public License for more details.
+###
+### You should have received a copy of the GNU General Public License
+### along with distorted-keys; if not, write to the Free Software Foundation,
+### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+set -e
+case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
+. "$KEYSLIB"/keyfunc.sh
+
+defhelp <<HELP
+KEEPER
+Delete the keeper set named KEEPER.
+HELP
+
+case $# in 1) ;; *) usage_err ;; esac
+keeper=$1
+checkword "keeper set label" "$keeper"
+
+cd $KEYS/keeper
+if [ ! -d $keeper ]; then
+ echo >&2 "$quis: unknown keeper set \`$keeper'"
+ exit 1
+fi
+
+unset deps
+if [ -d $KEYS/recov ]; then
+ cd $KEYS/recov
+ for r in $(find . -type l -name current -print); do
+ r=${r#./}; r=${r%/current}
+ if ! expr >/dev/null "Q$r" : "Q$R_LABEL"; then continue; fi
+ for ri in $r/*; do
+ i=${ri##*/}
+ case "$i" in *[!0-9]*) continue ;; esac
+ this=nil others=nil
+ for kp in $r/current/*.param; do
+ k=${kp##*/}; k=${k%.param}
+ case $k in $keeper) this=t ;; *) others=t ;; esac
+ done
+ case $this,$others in t,nil) deps="$deps $ri" ;; esac
+ done
+ done
+fi
+case "${deps+t}" in
+ t)
+ echo >&2 "$quis: deleting keeper \`$keeper' would orphan recovery keys:"
+ for d in $deps; do echo 2>&1 " $d"; done
+ exit 1
+ ;;
+esac
+
+if [ -d $KEYS/recov ]; then
+ cd $KEYS/recov
+ for r in $(find . -type l -name current -print); do
+ r=${r#./}; r=${r%/current}
+ if ! expr >/dev/null "Q$r" : "Q$R_LABEL"; then continue; fi
+ for ri in $i/*; do
+ i=${ri##*/}
+ case "$i" in *[!0-9]*) continue ;; esac
+ rm -f $ri/$keeper.*
+ done
+ changep=nil
+ while read k rest; do
+ case $k in $keeper) changep=t ;; *) echo "$k $rest" ;; esac
+ done <$r/keepers >$r/keepers.new
+ case $changep in
+ t) mv $r/keepers.new $r/keepers ;;
+ nil) rm $r/keepers.new ;;
+ esac
+ done
+fi
+
+cd $KEYS/keeper
+rm -r $keeper
+
+###----- That's all, folks --------------------------------------------------
## Parse the command line.
force=nil
profile=${keeper_profile-keeper}
-while getopts "fp:" opt; do
+while getopts "p:" opt; do
case "$opt" in
- f) force=t ;;
p) profile=$OPTARG ;;
*) usage_err ;;
esac
## Preflight checking.
reqsafe
-case $force in
- nil)
- if [ -e $KEYS/keeper/$keeper ]; then
- echo >&2 "$quis: keeper set \`$keeper' already exists"
- exit 1
- fi
- if [ -e $SAFE/keys.keeper/$keeper ]; then
- echo >&2 "$quis: destination \`$keeper' already exists"
- exit 1
- fi
- ;;
- t)
- rm -rf $KEYS/keeper/$keeper
- rm -rf $SAFE/keys.keeper/$keeper/
- ;;
-esac
+if [ -e $KEYS/keeper/$keeper ]; then
+ echo >&2 "$quis: keeper set \`$keeper' already exists"
+ exit 1
+fi
+if [ -e $SAFE/keys.keeper/$keeper ]; then
+ echo >&2 "$quis: destination \`$keeper' already exists"
+ exit 1
+fi
## Generate the private keys, one per file, and compute the public keys.
mktmp