From 49ebd856ec09b2a7d87d36dedbf83d02d59269a8 Mon Sep 17 00:00:00 2001
From: Allan McRae <allan@archlinux.org>
Date: Wed, 3 Apr 2024 10:52:21 +1000
Subject: [PATCH] pacman-key: fix permission checks for non-root operations

Removing lock-never from the default gpg.conf file exposed a couple of bugs
in the permission checks in pacman-key.

Signed-off-by: Allan McRae <allan@archlinux.org>
---
 scripts/pacman-key.sh.in | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index f68d0767..601163a3 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -266,12 +266,9 @@ check_keyring() {
 		exit 1
 	fi
 
-	if (( (EXPORT || FINGER || LIST || VERIFY) && EUID != 0 )); then
-		if ! grep -q "^[[:space:]]*lock-never[[:space:]]*$" ${PACMAN_KEYRING_DIR}/gpg.conf &>/dev/null; then
-			error "$(gettext "You do not have sufficient permissions to run this command.")"
-			msg "$(gettext "Use '%s' to correct the keyring permissions.")" "pacman-key --init"
-			exit 1
-		fi
+	if (( !(EXPORT || FINGER || LISTKEYS || LISTSIGS || VERIFY) && EUID != 0 )); then
+		error "$(gettext "You do not have sufficient permissions to run this command.")"
+		exit 1
 	fi
 
 	if (( LSIGNKEY || POPULATE )); then