1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-12-23 08:18:51 -05:00

repo-add: add option to specify a different key to sign with

Add -k/--key option to specify a non-default key for signing
a package database.

Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
Denis A. Altoé Falqueto 2011-04-24 20:48:08 +10:00 committed by Dan McGee
parent 2eab4ab033
commit 59da64146d

View File

@ -71,8 +71,8 @@ usage() {
repo-add will update a package database by reading a package file.\n\ repo-add will update a package database by reading a package file.\n\
Multiple packages to add can be specified on the command line.\n\n")" Multiple packages to add can be specified on the command line.\n\n")"
printf "$(gettext "Options:\n")" printf "$(gettext "Options:\n")"
printf "$(gettext " -d, --delta generate and add delta for package update\n")" printf "$(gettext " -d, --delta generate and add delta for package update\n")"
printf "$(gettext " -f, --files update database's file list\n")" printf "$(gettext " -f, --files update database's file list\n")"
elif [[ $cmd == "repo-remove" ]] ; then elif [[ $cmd == "repo-remove" ]] ; then
printf "$(gettext "Usage: repo-remove [options] <path-to-db> <packagename|delta> ...\n\n")" printf "$(gettext "Usage: repo-remove [options] <path-to-db> <packagename|delta> ...\n\n")"
printf "$(gettext "\ printf "$(gettext "\
@ -81,9 +81,10 @@ specified on the command line from the given repo database. Multiple\n\
packages to remove can be specified on the command line.\n\n")" packages to remove can be specified on the command line.\n\n")"
printf "$(gettext "Options:\n")" printf "$(gettext "Options:\n")"
fi fi
printf "$(gettext " -q, --quiet minimize output\n")" printf "$(gettext " -q, --quiet minimize output\n")"
printf "$(gettext " -s, --sign sign database with GnuPG after update\n")" printf "$(gettext " -s, --sign sign database with GnuPG after update\n")"
printf "$(gettext " -v, --verify verify database's signature before update\n")" printf "$(gettext " -k, --key <key> use the specified key to sign the database\n")"
printf "$(gettext " -v, --verify verify database's signature before update\n")"
printf "$(gettext "\n\ printf "$(gettext "\n\
See %s(8) for more details and descriptions of the available options.\n\n")" $cmd See %s(8) for more details and descriptions of the available options.\n\n")" $cmd
if [[ $cmd == "repo-add" ]] ; then if [[ $cmd == "repo-add" ]] ; then
@ -204,7 +205,13 @@ create_signature() {
error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")" error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
exit 1 # $E_MISSING_PROGRAM exit 1 # $E_MISSING_PROGRAM
fi fi
gpg --detach-sign --use-agent "$dbfile" || ret=$?
local SIGNWITHKEY=""
if [[ -n $GPGKEY ]]; then
SIGNWITHKEY="-u ${GPGKEY}"
fi
gpg --detach-sign --use-agent ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$?
if (( ! ret )); then if (( ! ret )); then
msg2 "$(gettext "Created signature file %s.")" "$dbfile.sig" msg2 "$(gettext "Created signature file %s.")" "$dbfile.sig"
else else
@ -542,26 +549,35 @@ trap 'trap_exit "$(gettext "An unknown error has occured. Exiting...")"' ERR
success=0 success=0
# parse arguments # parse arguments
for arg in "$@"; do while [[ $# > 0 ]]; do
case "$arg" in case "$1" in
-q|--quiet) QUIET=1;; -q|--quiet) QUIET=1;;
-d|--delta) DELTA=1;; -d|--delta) DELTA=1;;
-f|--files) WITHFILES=1;; -f|--files) WITHFILES=1;;
-s|--sign) SIGN=1;; -s|--sign) SIGN=1;;
-k|--key)
shift
GPGKEY="$1"
if ! gpg --list-key ${GPGKEY} &>/dev/null; then
error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")"
exit 1
fi
;;
-v|--verify) VERIFY=1;; -v|--verify) VERIFY=1;;
*) *)
if [[ -z $REPO_DB_FILE ]]; then if [[ -z $REPO_DB_FILE ]]; then
REPO_DB_FILE="$arg" REPO_DB_FILE="$1"
LOCKFILE="$REPO_DB_FILE.lck" LOCKFILE="$REPO_DB_FILE.lck"
check_repo_db check_repo_db
else else
case "$cmd" in case "$cmd" in
repo-add) add $arg && success=1 ;; repo-add) add $1 && success=1 ;;
repo-remove) remove $arg && success=1 ;; repo-remove) remove $1 && success=1 ;;
esac esac
fi fi
;; ;;
esac esac
shift
done done
# if at least one operation was a success, re-zip database # if at least one operation was a success, re-zip database