diff options
author | Dan McGee <dan@archlinux.org> | 2011-09-26 12:41:27 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-10-05 21:55:53 -0500 |
commit | ab7d2890a47f051a892b05b4d551de0e5c5c8282 (patch) | |
tree | 32fe7bbe6d4d930351e6fa6561f6f472f709a3eb | |
parent | cf0edb92ba349afad02e6bc1ca79da0cb6a72ea3 (diff) | |
download | pacman-ab7d2890a47f051a892b05b4d551de0e5c5c8282.tar.xz |
pacman-key: refine and clarify import/import-trustdb behavior
* --import now only imports keys from pubkey.gpg and does not import
owner trust; if you want to have both simply run the operations in
sequence.
* --import-trustdb has been simplified; it will overwrite existing
values in the trust database as before, but there is no need to export
it first as those values are safe if left untouched.
* Fix the manpage referring to a non-existent option.
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r-- | doc/pacman-key.8.txt | 9 | ||||
-rw-r--r-- | scripts/pacman-key.sh.in | 13 |
2 files changed, 8 insertions, 14 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt index 103a1fdd..d2da480f 100644 --- a/doc/pacman-key.8.txt +++ b/doc/pacman-key.8.txt @@ -61,11 +61,12 @@ Options Output syntax and command line options. *\--import* <dir(s)>:: - Adds keys from pubring.gpg into pacman's keyring and imports ownertrust - values from trustdb.gpg in the specified directories. + Imports keys from `pubring.gpg` into the public keyring from the specified + directories. -*\--import-dirs* <dir(s)> :: - Imports ownertrust values from trustdb.gpg in the specified directories. +*\--import-trustdb* <dir(s)> :: + Imports ownertrust values from `trustdb.gpg` into the shared trust database + from the specified directories. *\--init*:: Ensure the keyring is properly initialized and has the required access diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 7eebf7c8..da07492c 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -74,7 +74,7 @@ usage() { echo "$(gettext " --edit-key <keyid(s)> Present a menu for key management task on keyids")" printf "$(gettext " --gpgdir <dir> Set an alternate directory for GnuPG (instead\n\ of '%s')")\n" "@sysconfdir@/pacman.d/gnupg" - echo "$(gettext " --import <dir(s)> Imports pubring.gpg and trustdb.gpg from dir(s)")" + echo "$(gettext " --import <dir(s)> Imports pubring.gpg from dir(s)")" echo "$(gettext " --import-trustdb <dir(s)> Imports ownertrust values from trustdb.gpg in dir(s)")" echo "$(gettext " --init Ensure the keyring is properly initialized")" echo "$(gettext " --keyserver Specify a keyserver to use if necessary")" @@ -343,30 +343,23 @@ edit_keys() { import_trustdb() { local importdir - local trustdb=$(mktemp) - "${GPG_PACMAN[@]}" --export-ownertrust > ${trustdb} for importdir in "${IMPORT_DIRS[@]}"; do if [[ -f "${importdir}/trustdb.gpg" ]]; then - gpg --homedir "${importdir}" --export-ownertrust >> ${trustdb} + gpg --homedir "${importdir}" --export-ownertrust | \ + "${GPG_PACMAN[@]}" --import-ownertrust - fi done - - "${GPG_PACMAN[@]}" --import-ownertrust ${trustdb} - rm -f ${trustdb} } import() { local importdir - # Imports public keys, then import trustdbs for importdir in "${IMPORT_DIRS[@]}"; do if [[ -f "${importdir}/pubring.gpg" ]]; then "${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg" fi done - - import_trustdb } # PROGRAM START |