pacman-key: update trust database for relevant operations
After most operations that touch the keyring, it is a good idea to always run a check on the trustdb as this prevents gpg complaining on later operations. Inspiration-from: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
parent
710e83999b
commit
cab1379a1a
|
@ -253,10 +253,6 @@ populate_keyring() {
|
||||||
"${GPG_PACMAN[@]}" --quiet --batch --yes --delete-key "${key_id}"
|
"${GPG_PACMAN[@]}" --quiet --batch --yes --delete-key "${key_id}"
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Update trustdb, just to be sure
|
|
||||||
msg "$(gettext "Updating trust database...")"
|
|
||||||
"${GPG_PACMAN[@]}" --batch --check-trustdb
|
|
||||||
}
|
}
|
||||||
|
|
||||||
receive_keys() {
|
receive_keys() {
|
||||||
|
@ -335,20 +331,20 @@ fi
|
||||||
|
|
||||||
while true; do
|
while true; do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
-a|--add) ADD=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYFILES=($1) ;;
|
-a|--add) ADD=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYFILES=($1); UPDATEDB=1 ;;
|
||||||
--config) shift; CONFIG=$1 ;;
|
--config) shift; CONFIG=$1 ;;
|
||||||
-d|--delete) DELETE=1; shift; KEYIDS=($1) ;;
|
-d|--delete) DELETE=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
||||||
--edit-key) EDITKEY=1; shift; KEYIDS=($1) ;;
|
--edit-key) EDITKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
|
||||||
-e|--export) EXPORT=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
-e|--export) EXPORT=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
||||||
-f|--finger) FINGER=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
-f|--finger) FINGER=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
||||||
--gpgdir) shift; PACMAN_KEYRING_DIR=$1 ;;
|
--gpgdir) shift; PACMAN_KEYRING_DIR=$1 ;;
|
||||||
--import) IMPORT=1; shift; IMPORT_DIRS=($1) ;;
|
--import) IMPORT=1; shift; IMPORT_DIRS=($1); UPDATEDB=1 ;;
|
||||||
--import-trustdb) IMPORT_TRUSTDB=1; shift; IMPORT_DIRS=($1) ;;
|
--import-trustdb) IMPORT_TRUSTDB=1; shift; IMPORT_DIRS=($1); UPDATEDB=1 ;;
|
||||||
--init) INIT=1 ;;
|
--init) INIT=1 ;;
|
||||||
-l|--list-keys) LISTKEYS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
-l|--list-keys) LISTKEYS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
||||||
--list-sigs) LISTSIGS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
--list-sigs) LISTSIGS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
|
||||||
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1) ;;
|
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;;
|
||||||
-r|--receive) RECEIVE=1; shift; TMP=($1); KEYSERVER=${TMP[0]}; KEYIDS=(${TMP[@]:1}); unset TMP;;
|
-r|--receive) RECEIVE=1; shift; TMP=($1); KEYSERVER=${TMP[0]}; KEYIDS=(${TMP[@]:1}); unset TMP; UPDATEDB=1 ;;
|
||||||
-u|--updatedb) UPDATEDB=1 ;;
|
-u|--updatedb) UPDATEDB=1 ;;
|
||||||
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
|
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
|
||||||
|
|
||||||
|
@ -414,7 +410,8 @@ esac
|
||||||
(( LISTSIGS )) && "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}"
|
(( LISTSIGS )) && "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}"
|
||||||
(( POPULATE )) && populate_keyring
|
(( POPULATE )) && populate_keyring
|
||||||
(( RECEIVE )) && receive_keys
|
(( RECEIVE )) && receive_keys
|
||||||
(( UPDATEDB )) && "${GPG_PACMAN[@]}" --batch --check-trustdb
|
|
||||||
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
|
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
|
||||||
|
|
||||||
|
(( UPDATEDB )) && "${GPG_PACMAN[@]}" --batch --check-trustdb
|
||||||
|
|
||||||
# vim: set ts=2 sw=2 noet:
|
# vim: set ts=2 sw=2 noet:
|
||||||
|
|
Loading…
Reference in New Issue