pacman-key: clean keys on import to remove unknown signatures
There is no good reason to bloat the keyring by importing tons of signatures we cannot use; drop any signatures that don't validate against another available key (probably the master keys). If any desired signatures get cleaned, the key can be refreshed after importing the new signing public key. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
Eli Schwartz
Allan McRae
parent
f492339035
commit
2a792ac7bb
1 changed files with 1 additions and 0 deletions
|
|
@ -209,6 +209,7 @@ initialize() {
|
|||
add_gpg_conf_option "$conffile" 'no-permission-warning'
|
||||
add_gpg_conf_option "$conffile" 'lock-never'
|
||||
add_gpg_conf_option "$conffile" 'keyserver-options' 'timeout=10'
|
||||
add_gpg_conf_option "$conffile" 'keyserver-options' 'import-clean'
|
||||
|
||||
local gpg_ver=$(gpg --version | awk '{print $3; exit}')
|
||||
if (( $(vercmp "$gpg_ver" 2.2.17) >= 0 )); then
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue