summaryrefslogtreecommitdiff
path: root/doc/pacman-key.8.asciidoc
AgeCommit message (Collapse)Author
2018-11-03pacman-key: just accept one file to verify, and enforce detached sigsEli Schwartz
Simply pass options on to gpg the same way gpg uses them -- no looping through and checking lots of signatures. This prevents a situation where the signature file to be verified is manipulated to contain an embedded signature which is valid, but not a detached signature for the file you are actually trying to verify. gpg does not offer an option to verify many files at once by naming each signature/file pair, and there's no reason for us to do so either, since it would be quite tiresome to do so. In the event that there is no signature/file pair specified to pacman-key itself, - preserve gpg's behavior, *if* the matching file does not exist, by - assuming the signature is an embedded signature - deviate from gpg's behavior, by - offering a security warning about which one is happening - when there is an embedded signature *and* a matching detached file, assume the latter is desired Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-14Ensure better text editor automatic filetype detectionEli Schwartz
Since we no longer use vim-specific modelines, use the .asciidoc file extension which is, well, reserved for asciidoc formatted files. This should presumably work everywhere without needing editor-specific workarounds and configuration. Also add a shebang to makepkg.conf to indicate it contains bash content. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>