From 38c23b850fa68b0900a50a71b68043697cf5167c Mon Sep 17 00:00:00 2001 From: Clint Adams Date: Sun, 24 Oct 2010 18:00:36 -0400 Subject: [PATCH] Monkeysphere integration documentation. --- doc/monkeysphere.mkd | 65 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100755 doc/monkeysphere.mkd diff --git a/doc/monkeysphere.mkd b/doc/monkeysphere.mkd new file mode 100755 index 0000000..0d81c1b --- /dev/null +++ b/doc/monkeysphere.mkd @@ -0,0 +1,65 @@ +This document attempts to describe one way to integrate +[Monkeysphere](http://web.monkeysphere.info/) authentication +with [gitolite](http://github.com/sitaramc/gitolite). + +We presuppose that you have a system with a new enough +version of Monkeysphere to support ssh `authorized_keys` +options, and that you are not making use of +monkeysphere-authentication on this system. + +As a first step, import the key or keys you wish to +act as Monkeysphere certifiers into the GnuPG public +keyring of the gitolite user (for example, +`gpg --keyserver pool.sks-keyservers.net --recv-keys B0AE9A02`) +Then edit such keys (`gpg --edit B0AE9A02`) and assign them +*ultimate* ownertrust. + +Next install a script of this nature as `post-update.secondary` +in the `hooks/` directory of the `gitolite-admin` repository. You can also +follow the "using hooks" section in gitolite's "admin" document to let +gitolite put your new hook in the correct place. + + #!/bin/zsh + + # this should use locking + + pushd ${GL_ADMINDIR} + + if [[ -d monkeydir ]] + then + cp ~/.monkeysphere/authorized_user_ids ~/.monkeysphere/old-authorized_user_ids + rm -f ~/.monkeysphere/new-authorized_user_ids + for i in monkeydir/*.pub + do + username=$i:t:r + for j in ${(f)"$(<$i)"} + do + cat >> ~/.monkeysphere/new-authorized_user_ids <
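Review bot: In the first-step paragraph the certifier key is identified only by an 8-hex-digit short ID (`--recv-keys B0AE9A02`, then `gpg --edit B0AE9A02`) and is then given *ultimate* ownertrust. Short IDs are not collision-resistant, so a keyserver lookup can return a different key carrying the same ID. The example should use the full fingerprint and tell the reader to compare it against a value obtained out of band before setting ownertrust. In the hook script, `# this should use locking` is left as a to-do while the loop appends to `~/.monkeysphere/new-authorized_user_ids`. Two overlapping pushes can interleave their writes there, so either take a lock around the block or build the list in a per-run temporary file and rename it into place. The `cp ~/.monkeysphere/authorized_user_ids ...` line assumes that file already exists, which will not hold on a first run. Finally, the file is created with mode 100755 although it is documentation; 100644 would be the expected mode.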