summaryrefslogtreecommitdiff
path: root/export-pkgbuild-keys.in
diff options
context:
space:
mode:
authorLevente Polyak <anthraxx@archlinux.org>2022-06-09 21:02:56 +0200
committerLevente Polyak <anthraxx@archlinux.org>2022-06-09 21:10:03 +0200
commit01b6196883d0e44b9f8f17c7f4f28df27ab5ac14 (patch)
treeff1920877b36e5444f7a4403101a0a65784d6e69 /export-pkgbuild-keys.in
parent8d4c46d3689c5b859587c54f2741555f75479db4 (diff)
downloaddevtools-01b6196883d0e44b9f8f17c7f4f28df27ab5ac14.tar.xz
export-pkgbuild-keys: use TEMPDIR while exporting key
This avoids the possibility to pollute the keys directory with temporary files if the script is aborted in between. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Diffstat (limited to 'export-pkgbuild-keys.in')
-rw-r--r--export-pkgbuild-keys.in9
1 files changed, 6 insertions, 3 deletions
diff --git a/export-pkgbuild-keys.in b/export-pkgbuild-keys.in
index b5b1240..c10e4d1 100644
--- a/export-pkgbuild-keys.in
+++ b/export-pkgbuild-keys.in
@@ -45,16 +45,19 @@ if (( ${#validpgpkeys[@]} == 0 )); then
exit 0
fi
+trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
+TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
+
mkdir -p keys/pgp
error=0
for key in "${validpgpkeys[@]}"; do
- gpg --output "keys/pgp/$key.asc.tmp" --armor --export --export-options export-minimal "$key" 2>/dev/null
+ gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
# gpg does not give a non-zero return value if it fails to export...
- if [[ -f keys/pgp/$key.asc.tmp ]]; then
+ if [[ -f $TEMPDIR/$key.asc ]]; then
msg2 "Exported $key"
- mv "keys/pgp/$key.asc.tmp" "keys/pgp/$key.asc"
+ mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
else
if [[ -f keys/pgp/$key.asc ]]; then
warning "Failed to update key: $key"