summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-26 12:41:27 -0500
committerDan McGee <dan@archlinux.org>2011-10-05 21:55:53 -0500
commitab7d2890a47f051a892b05b4d551de0e5c5c8282 (patch)
tree32fe7bbe6d4d930351e6fa6561f6f472f709a3eb
parentcf0edb92ba349afad02e6bc1ca79da0cb6a72ea3 (diff)
downloadpacman-ab7d2890a47f051a892b05b4d551de0e5c5c8282.tar.xz
pacman-key: refine and clarify import/import-trustdb behavior
* --import now only imports keys from pubkey.gpg and does not import owner trust; if you want to have both simply run the operations in sequence. * --import-trustdb has been simplified; it will overwrite existing values in the trust database as before, but there is no need to export it first as those values are safe if left untouched. * Fix the manpage referring to a non-existent option. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--doc/pacman-key.8.txt9
-rw-r--r--scripts/pacman-key.sh.in13
2 files changed, 8 insertions, 14 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
index 103a1fdd..d2da480f 100644
--- a/doc/pacman-key.8.txt
+++ b/doc/pacman-key.8.txt
@@ -61,11 +61,12 @@ Options
Output syntax and command line options.
*\--import* <dir(s)>::
- Adds keys from pubring.gpg into pacman's keyring and imports ownertrust
- values from trustdb.gpg in the specified directories.
+ Imports keys from `pubring.gpg` into the public keyring from the specified
+ directories.
-*\--import-dirs* <dir(s)> ::
- Imports ownertrust values from trustdb.gpg in the specified directories.
+*\--import-trustdb* <dir(s)> ::
+ Imports ownertrust values from `trustdb.gpg` into the shared trust database
+ from the specified directories.
*\--init*::
Ensure the keyring is properly initialized and has the required access
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 7eebf7c8..da07492c 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -74,7 +74,7 @@ usage() {
echo "$(gettext " --edit-key <keyid(s)> Present a menu for key management task on keyids")"
printf "$(gettext " --gpgdir <dir> Set an alternate directory for GnuPG (instead\n\
of '%s')")\n" "@sysconfdir@/pacman.d/gnupg"
- echo "$(gettext " --import <dir(s)> Imports pubring.gpg and trustdb.gpg from dir(s)")"
+ echo "$(gettext " --import <dir(s)> Imports pubring.gpg from dir(s)")"
echo "$(gettext " --import-trustdb <dir(s)> Imports ownertrust values from trustdb.gpg in dir(s)")"
echo "$(gettext " --init Ensure the keyring is properly initialized")"
echo "$(gettext " --keyserver Specify a keyserver to use if necessary")"
@@ -343,30 +343,23 @@ edit_keys() {
import_trustdb() {
local importdir
- local trustdb=$(mktemp)
- "${GPG_PACMAN[@]}" --export-ownertrust > ${trustdb}
for importdir in "${IMPORT_DIRS[@]}"; do
if [[ -f "${importdir}/trustdb.gpg" ]]; then
- gpg --homedir "${importdir}" --export-ownertrust >> ${trustdb}
+ gpg --homedir "${importdir}" --export-ownertrust | \
+ "${GPG_PACMAN[@]}" --import-ownertrust -
fi
done
-
- "${GPG_PACMAN[@]}" --import-ownertrust ${trustdb}
- rm -f ${trustdb}
}
import() {
local importdir
- # Imports public keys, then import trustdbs
for importdir in "${IMPORT_DIRS[@]}"; do
if [[ -f "${importdir}/pubring.gpg" ]]; then
"${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg"
fi
done
-
- import_trustdb
}
# PROGRAM START