monkeysphere user operations ask for password when run as non-privileged user
Any command that uses the 'su_monkeysphere_user' function internally, which attempts to 'su' as the monkeysphere user, will prompt for a password when being run as a non-privileged user. This includes:
- mh/add_revoker
- ma/_certifier
- ma/update_users
- ma/setup
Here is an examp:
servo:~/cmrg/monkeysphere/git 0$ MONKEYSPHERE_LOG_LEVEL=debug monkeysphere-authentication c ms: finding trusted keys... ms: determining core key fingerprint... gpg: WARNING: unsafe ownership on homedir `/var/lib/monkeysphere/authentication/core' gpg: failed to create temporary file `/var/lib/monkeysphere/authentication/core/.#lk0x8aad938.servo.24324': Permission denied gpg: keyblock resource `/var/lib/monkeysphere/authentication/core/secring.gpg': general error gpg: failed to create temporary file `/var/lib/monkeysphere/authentication/core/.#lk0x8aae670.servo.24324': Permission denied gpg: keyblock resource `/var/lib/monkeysphere/authentication/core/pubring.gpg': general error gpg: can't access `/var/lib/monkeysphere/authentication/core/trustdb.gpg': Permission denied gpg: fatal: can't init trustdb: trust database error secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 Password: su: Authentication failure servo:~/cmrg/monkeysphere/git 0$
This is pretty clearly not ideal, and potentially very confusing. Maybe we can just add a rest to the su_monkeysphere_user function that will cause it to fail if the user is not root or the monkeysphere user?
(from redmine: created on 2009-02-17, closed on 2009-02-22)