From 125f634cdfe44886827f20eea3e908ed8fe418b0 Mon Sep 17 00:00:00 2001 Message-Id: <125f634cdfe44886827f20eea3e908ed8fe418b0.1714904311.git.mdw@distorted.org.uk> From: Mark Wooding Date: Sun, 12 Feb 2012 23:21:44 +0000 Subject: [PATCH] keys.conf: New file, suggesting a possible implementation of `$SAFE'. Organization: Straylight/Edgeware From: Mark Wooding --- Makefile.am | 2 ++ debian/control | 2 +- debian/distorted-keys.install | 1 + keys.conf | 7 +++++++ 4 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 keys.conf diff --git a/Makefile.am b/Makefile.am index 886e012..e169f41 100644 --- a/Makefile.am +++ b/Makefile.am @@ -179,6 +179,8 @@ EXTRA_DIST += claim-dir.tab dist_profile_DATA += profile.d/00base dist_profile_DATA += profile.d/02infra +EXTRA_DIST += keys.conf + ###-------------------------------------------------------------------------- ### Release setup. diff --git a/debian/control b/debian/control index 7040f1b..0e334b7 100644 --- a/debian/control +++ b/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.1.1 Package: distorted-keys Architecture: all Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser -Recommends: gnupg +Recommends: gnupg, claim-dir Suggests: seccure, texlive-latex-recommended, qrencode Description: Basic key-management system with secure recovery features. The primary purpose of the distorted.org.uk key management system is diff --git a/debian/distorted-keys.install b/debian/distorted-keys.install index 8d09989..8ff9b4c 100644 --- a/debian/distorted-keys.install +++ b/debian/distorted-keys.install @@ -6,3 +6,4 @@ etc/distorted-keys debian/build/userv/distorted-keys /etc/userv/default.d debian/admin.users /etc/distorted-keys debian/admin.groups /etc/distorted-keys +keys.conf /etc/distorted-keys diff --git a/keys.conf b/keys.conf new file mode 100644 index 0000000..4ce3451 --- /dev/null +++ b/keys.conf @@ -0,0 +1,7 @@ +### -*-sh-*- +### +### Configuration for `distorted-keys'. This is a shell-script fragment. + +## A `safe' directory for storing short-lived secrets. Ideally, this +## shouldn't be backed by disk. +SAFE=$(userv root claim-dir safe