keys.archive -> cryptop.archive: Command was in the wrong suite.

[distorted-keys] / cryptop.archive

diff --git a/keys.archive b/cryptop.archive
similarity index 72%
rename from keys.archive
rename to cryptop.archive
index 3ac414e6eee5d1fd94421bb6665fc5d199314a03..40bc5a7ee5fddc12488c151ea6ba99af74d68b26 100755 (executable)
--- a/keys.archive
+++ b/cryptop.archive
@@ -28,30 +28,31 @@ case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
 . "$KEYSLIB"/keyfunc.sh
 
 defhelp <<HELP
-LABEL KEY
+LABEL KEY | tar xf -
 Write a publishable archive of the key-management state.
 
-The archive is written to LABEL.tar.gz; a signature is written to
-LABEL.KEY.sig.
+The archive is written to stdout as a tar archive containing two files:
+LABEL.tar.gz contains the actual archive, and LABEL.KEY.sig contains a
+signature.
 
 The archive doesn't contain any unecrypted secrets.  You'll probably need
-a keeper set to get anything useful.
+a keeper set to get anything useful out of it.
 HELP
 
 case $# in 2) ;; *) usage_err ;; esac
-label=$1 key=$2
-checkword "archive label" "$label"
+arch=$1 key=$2
+checkword "archive label" "$arch"
 
 mktmp
 prepare "$key" archive
-( cd $tmp
-  mkdir $label
-  ln -s $ETC $label/config
-  mkdir $label/data
-  ln -s $KEYS/* $label/data/
-  rm -f $label/data/nub
-  tar cf - $label/config/* $label/data/*/* ) | gzip -9c >$label.tar.gz.new
-c_sign $kdir $knub <$label.tar.gz.new >$label.sig.new
-for i in sig tar.gz; do mv $label.$i.new $label.$i; done
+cd $tmp
+mkdir $arch
+ln -s $ETC $arch/config
+mkdir $arch/data
+ln -s $KEYS/* $arch/data/
+rm -f $arch/data/nub
+tar cf - $arch/config/* $arch/data/*/* | gzip -9c >$arch.tar.gz
+c_sign $kdir $knub <$arch.tar.gz >$arch.sig
+tar cf - $arch.tar.gz $arch.sig
 
 ###----- That's all, folks --------------------------------------------------