pacman-key: add --refresh-keys operation
This allows new signatures to be pulled, revocations to be found, etc. Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
Dan McGee
parent
d9545103b9
commit
16fd66f879
2 changed files with 11 additions and 3 deletions
|
|
@ -90,6 +90,9 @@ Options
|
||||||
*-r, \--recv-keys* <keyid(s)>::
|
*-r, \--recv-keys* <keyid(s)>::
|
||||||
Equivalent to '\--recv-keys' in GnuPG.
|
Equivalent to '\--recv-keys' in GnuPG.
|
||||||
|
|
||||||
|
*\--refresh-keys* [keyid(s)]::
|
||||||
|
Equivalent to '\--refresh-keys' in GnuPG.
|
||||||
|
|
||||||
*\--populate* [keyring(s)]::
|
*\--populate* [keyring(s)]::
|
||||||
Reload the default keys from the (optionally provided) keyrings in
|
Reload the default keys from the (optionally provided) keyrings in
|
||||||
+{pkgdatadir}/keyrings+. For more information, see
|
+{pkgdatadir}/keyrings+. For more information, see
|
||||||
|
|
|
||||||
|
|
@ -41,6 +41,7 @@ LISTSIGS=0
|
||||||
LSIGNKEY=0
|
LSIGNKEY=0
|
||||||
POPULATE=0
|
POPULATE=0
|
||||||
RECEIVE=0
|
RECEIVE=0
|
||||||
|
REFRESH=0
|
||||||
UPDATEDB=0
|
UPDATEDB=0
|
||||||
VERIFY=0
|
VERIFY=0
|
||||||
|
|
||||||
|
|
@ -81,6 +82,7 @@ usage() {
|
||||||
echo "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")"
|
echo "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")"
|
||||||
printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\
|
printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\
|
||||||
in '%s'")\n" "@pkgdatadir@/keyrings"
|
in '%s'")\n" "@pkgdatadir@/keyrings"
|
||||||
|
echo "$(gettext " --refresh-keys [keyid(s)] Update specified or all keys from a keyserver")"
|
||||||
}
|
}
|
||||||
|
|
||||||
version() {
|
version() {
|
||||||
|
|
@ -363,7 +365,8 @@ fi
|
||||||
OPT_SHORT="a::d:e:f::hl::r:uv:V"
|
OPT_SHORT="a::d:e:f::hl::r:uv:V"
|
||||||
OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
|
OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
|
||||||
OPT_LONG+=",help,import:,import-trustdb:,init,keyserver:,list-keys::,list-sigs::"
|
OPT_LONG+=",help,import:,import-trustdb:,init,keyserver:,list-keys::,list-sigs::"
|
||||||
OPT_LONG+=",lsign-key:,populate::,recv-keys:,updatedb,verify:,version"
|
OPT_LONG+=",lsign-key:,populate::,recv-keys:,refresh-keys::,updatedb"
|
||||||
|
OPT_LONG+=",verify:,version"
|
||||||
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
|
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
|
||||||
echo; usage; exit 1 # E_INVALID_OPTION;
|
echo; usage; exit 1 # E_INVALID_OPTION;
|
||||||
fi
|
fi
|
||||||
|
|
@ -393,6 +396,7 @@ while true; do
|
||||||
--lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
--lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
||||||
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;;
|
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;;
|
||||||
-r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
-r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
||||||
|
--refresh-keys) REFRESH=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
||||||
-u|--updatedb) UPDATEDB=1 ;;
|
-u|--updatedb) UPDATEDB=1 ;;
|
||||||
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
|
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
|
||||||
|
|
||||||
|
|
@ -411,7 +415,7 @@ if ! type -p gpg >/dev/null; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || UPDATEDB) && EUID != 0 )); then
|
if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || REFRESH || UPDATEDB) && EUID != 0 )); then
|
||||||
error "$(gettext "%s needs to be run as root for this operation.")" "pacman-key"
|
error "$(gettext "%s needs to be run as root for this operation.")" "pacman-key"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
@ -434,7 +438,7 @@ fi
|
||||||
# check only a single operation has been given
|
# check only a single operation has been given
|
||||||
# don't include UPDATEDB in here as other opts can induce it
|
# don't include UPDATEDB in here as other opts can induce it
|
||||||
numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB +
|
numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB +
|
||||||
INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + VERIFY ))
|
INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + REFRESH + VERIFY ))
|
||||||
|
|
||||||
case $numopt in
|
case $numopt in
|
||||||
0)
|
0)
|
||||||
|
|
@ -466,6 +470,7 @@ esac
|
||||||
(( LSIGNKEY )) && "${GPG_PACMAN[@]}" --lsign-key "${KEYIDS[@]}"
|
(( LSIGNKEY )) && "${GPG_PACMAN[@]}" --lsign-key "${KEYIDS[@]}"
|
||||||
(( POPULATE )) && populate_keyring
|
(( POPULATE )) && populate_keyring
|
||||||
(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}"
|
(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}"
|
||||||
|
(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}"
|
||||||
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
|
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
|
||||||
|
|
||||||
if (( UPDATEDB )); then
|
if (( UPDATEDB )); then
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue