1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-17 23:05:00 -05:00
Commit Graph

25 Commits

Author SHA1 Message Date
Dave Reisner
2d0a00b409 pacman-key: allow verification of multiple sig files
Loop through arguments passed to verify_sig and treat each as a
signature to be verified against a source file. Output each file as its
checked to avoid ambiguity.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2012-04-24 08:38:36 -05:00
Dave Reisner
f61f075b1c pacman-key: adopt parseopts for option parsing
This requires an ugly amount of reworking of how pacman-key handles
options. The change simply to avoid passing keys, files, and directories
as arguments to options, but to leave them as arguments to the overall
program. This is reasonable since pacman-key limits the user to
essentially one operation per invocation (like pacman).

Since we now pass around the positional parameters to the various
operations, we can add some better sanity checking. Each operation is
responsible for testing input and making sure it can operate properly,
otherwise it throws an error and exits.

The doc is updated to reflect this, and uses similar verbiage as pacman,
describing the non-option arguments now passed to pacman-key as targets.

Similar to the doc, --help is reorganized to separate operations and
options and remove argument tokens from operations.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2012-04-24 08:38:36 -05:00
Pierre Schmitz
1fe6cabc4d pacman-key: Remove useless signature verification in --populate command
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.

Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05 11:57:30 -06:00
Dan McGee
484d5ec624 pacman-key: treat foo-trusted as an ownertrust export file
This allows it to serve double-duty. In order to allow users to base
verification decisions off of both a valid signature and a trusted
signature, we need to assign some level of owner trust to the keys we
designate as trusted on import.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:00:52 -05:00
Dan McGee
ab7d2890a4 pacman-key: refine and clarify import/import-trustdb behavior
* --import now only imports keys from pubkey.gpg and does not import
  owner trust; if you want to have both simply run the operations in
  sequence.
* --import-trustdb has been simplified; it will overwrite existing
  values in the trust database as before, but there is no need to export
  it first as those values are safe if left untouched.
* Fix the manpage referring to a non-existent option.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 21:55:53 -05:00
Dan McGee
1df9b2aa79 pacman-key: add an additional plain text 'foo-trusted' file
This is similar to the 'foo-revoked' file we had. This will be used to
inform the user what keys in the shipped keyring need to be explicitly
trusted by the user.

A distro such as Arch will likely have 3-4 master keys listed in this
trusted file, but an additional 25 developer keys present in the keyring
that the user shouldn't have to directly sign.

We use this list to prompt the user to sign the keys locally. If the key
is already signed locally gpg will print a bit of junk but will continue
without pestering the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
33685b960d pacman-key: remove holdkeys functionality
We're putting the cart ahead of the horse a bit here. Given that our
keyring is not one where everything is implicitly trusted (ala gpgv),
keeping or deleting a key has no bearing on its trusted status, only
whether we can actually verify things signed by said key.

If we need to address this down the road, we can find a solution that
works for the problem at hand rather than trying to solve it now before
signing is even widespread.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
16fd66f879 pacman-key: add --refresh-keys operation
This allows new signatures to be pulled, revocations to be found, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:44:04 -05:00
Dan McGee
d9545103b9 pacman-key: split keyserver to a separate option
This also renames '--receive' to '-recv-keys' to match the wrapped gpg
option name, rather than invent a new one, now that the calling
convention is the same.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:43:03 -05:00
Dan McGee
5a9b07b0e7 pacman-key help and documentation cleanup
We were using the mystical [<foobar>] options which is some sort of
cross between a <required> argument and an [optional] one. Remove this
madness and do some other general cleanup/consistency work in the
manpage.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:41:40 -05:00
Dan McGee
3c3ee6796a pacman-key: document --lsign-key
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:41:40 -05:00
Allan McRae
e1b9f7b300 pacman-key: rework and document holding keys in keyring
The HoldKey option was undocumented and was not suited for pacman.conf.
Instead use the file "/etc/pacman.d/gnupg/heldkeys" to contain a list
of keys not to be removed from the pacman keyring with the --populate
option.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:23 +10:00
Allan McRae
29dede2eb7 pacman-key: Improve documentation for --populate
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:23 +10:00
Allan McRae
d1240f67ea pacman-key: rework importing distro/repo provided keyrings
The current --reload option, apart from being non-clear in its naming,
is very limited in that only one keyring can be provided.  A distribution
may want to provide multiple keyrings for various subsets of its
organisation or custom repo providers may also want to provide a keyring.

This patch adds a --populate option that reads keyrings from (by default)
/usr/share/pacman/keyrings.  A keyring is named foo.gpg, with optional
foo-revoked file providing a list of revoked key ids.  These files are
required to be signed (detached) by a key trusted by pacman-key, in
practice probably by the key that signed the package providing these
files. The --populate flag either updates the pacman keyring using all
keyrings in the directory or individual keyrings can be specified.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:22 +10:00
Jakob Gruber
dddd6a46a0 Fix formatting in pacman-key manpage
Signed-off-by: Jakob Gruber <jakob.gruber@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 13:15:15 -05:00
Allan McRae
c55cbfbd5f pacman-key: follow gpg options for listing keys
The current --list option outputed the keys and all their signatures
which can be overly verbose.  It also did not take a list of keys on
the command line to limit its output (although the code suggests that
was intended).

That patch brings consistency with gpg, providing --list-keys and
--list-sigs options that function equivalently to those provided by
gpg.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-02 08:20:42 -04:00
Dan McGee
cd8747ba6d Unify modelines in Asciidoc files
This gets us close to using the same modeline in all files we run
through Asciidoc, as well as adding the spell and spelllang
declarations, just as we had in NEWS already.

The choice of 'en_us' is mainly for consistency and because the body of
work already uses these spellings.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28 11:42:08 -05:00
Pang Yan Han
804e2505cf pacman-key: Add --import and --import-trustdb
Currently, pacman-key allows the user to import their keys using the --add
option. However, no similar functionality exists for importing ownertrust
values.

The --import-trustdb option takes a list of directories and imports ownertrust
values if the directories have a trustdb.gpg database.

The --import option takes a list of directories and imports keys from
pubring.gpg and ownertrust values from trustdb.gpg. Think of it as a combination
of --add and --import-trustdb

Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-27 12:47:53 -05:00
Allan McRae
0c9e86bab1 pacman-key: add --init option
Add an --init option that ensures that the pacman keyring has all
the necessary files and they have the correct permissions for being
read as a user.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-19 10:27:54 +10:00
Allan McRae
0e85c4989b pacman-key: add --verify option
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-19 10:27:54 +10:00
Allan McRae
7963c5d000 pacman-key: update man page
Update man page to reflect current options.  Also add a description
on how to manually interact with the pacman keyring with gpg.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-19 10:27:53 +10:00
Dan McGee
8f1c873b5f doc: monospace attribute escape fixes
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-01 12:56:38 -05:00
Dan McGee
c3ae209246 Documentation formatting updates
Be consistent in the Synopsis and Description sections with the use of
quotes around command names.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-27 21:27:15 -05:00
Dan McGee
b625d03dd6 pacman-key manpage updates
Make consistent in formatting, syntax, and prose with the rest of our
documentation.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23 01:59:43 -05:00
Guillaume Alaux
482da2eceb Add man-page for pacman-key
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-23 01:59:42 -05:00