summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-21 17:53:44 -0500
committerDan McGee <dan@archlinux.org>2011-09-22 11:15:45 -0500
commit33685b960d3f05841cfac5696a0946396c448a34 (patch)
treee44b8f3c85733e2fdee22a165a4cafcd836e835d /scripts
parent595e1a437fab8d489736eff4811903aea4f5a38f (diff)
downloadpacman-33685b960d3f05841cfac5696a0946396c448a34.tar.xz
pacman-key: remove holdkeys functionality
We're putting the cart ahead of the horse a bit here. Given that our keyring is not one where everything is implicitly trusted (ala gpgv), keeping or deleting a key has no bearing on its trusted status, only whether we can actually verify things signed by said key. If we need to address this down the road, we can find a solution that works for the problem at hand rather than trying to solve it now before signing is even widespread. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'scripts')
-rw-r--r--scripts/pacman-key.sh.in12
1 files changed, 0 insertions, 12 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index ad2eefe4..72725154 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -288,18 +288,6 @@ populate_keyring() {
fi
done
- # Read list of keys that must be kept installed and remove them from the list
- # of keys to be removed
- if [[ -f "${PACMAN_KEYRING_DIR}/holdkeys" ]]; then
- while read key; do
- key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
- if [[ -n "${revoked_ids[$key_id]}" ]]; then
- unset revoked_ids[$key_id]
- fi
- done < "${PACMAN_KEYRING_DIR}/holdkeys"
- fi
-
- # Remove the keys not marked to keep
if (( ${#revoked_ids[@]} > 0 )); then
msg "$(gettext "Disabling revoked keys in keyring...")"
for key_id in "${!revoked_ids[@]}"; do