Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/pacman-key.sh.in | 43 | 
1 files changed, 40 insertions, 3 deletions
| diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index ab0318e6..e6a4691b 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -32,6 +32,8 @@ DELETE=0
 EDITKEY=0
 EXPORT=0
 FINGER=0
+IMPORT=0
+IMPORT_TRUSTDB=0
 INIT=0
 LIST=0
 RECEIVE=0
@@ -66,6 +68,8 @@ usage() {
 	echo "$(gettext "  --edit-key <keyid(s)>     Present a menu for key management task on keyids")"
 	echo "$(gettext "  --gpgdir <dir>            Set an alternate directory for gnupg")"
 	printf "$(gettext "                                    (instead of '%s')")\n" "@sysconfdir@/pacman.d/gnupg"
+	echo "$(gettext "  --import <dir(s)>         Imports pubring.gpg and trustdb.gpg from dir(s)")"
+	echo "$(gettext "  --import-trustdb <dir(s)> Imports ownertrust values from trustdb.gpg in dir(s)")"
 	echo "$(gettext "  --init                    Ensure the keyring is properly initialized")"
 	echo "$(gettext "  --reload                  Reload the default keys")"
 }
@@ -278,6 +282,34 @@ edit_keys() {
 	done
 }
+import_trustdb() {
+	local importdir
+	local trustdb=$(mktemp)
+	"${GPG_PACMAN[@]}" --export-ownertrust > ${trustdb}
+
+	for importdir in "${IMPORT_DIRS[@]}"; do
+		if [[ -f "${importdir}/trustdb.gpg" ]]; then
+			gpg --homedir "${importdir}" --export-ownertrust >> ${trustdb}
+		fi
+	done
+
+	"${GPG_PACMAN[@]}" --import-ownertrust ${trustdb}
+	rm -f ${trustdb}
+}
+
+import() {
+	local importdir
+
+	# Imports public keys, then import trustdbs
+	for importdir in "${IMPORT_DIRS[@]}"; do
+		if [[ -f "${importdir}/pubring.gpg" ]]; then
+			"${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg"
+		fi
+	done
+
+	import_trustdb
+}
+
 # PROGRAM START
 if ! type gettext &>/dev/null; then
 	gettext() { 
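Review bot: `import_trustdb` runs plain `gpg --homedir "${importdir}"` as root against a caller-supplied directory and passes the output straight to `--import-ownertrust`, so ownertrust values from that directory are merged into pacman's keyring with no listing or confirmation of what trust was added; gpg will also read any `gpg.conf` found in that homedir. Consider adding `--no-options --batch --no-permission-warning` to that call and printing the merged ownertrust before it is imported. Separately, `local trustdb=$(mktemp)` hides a mktemp failure and `${trustdb}` is unquoted in every use; `local trustdb; trustdb=$(mktemp) || return 1` with `"${trustdb}"` and a check of each gpg exit status would avoid importing a partial file. `import` also skips a directory that has no `pubring.gpg` without any message, so a mistyped path looks like success.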
@@ -287,7 +319,8 @@ fi
 OPT_SHORT="a::d:e:f::hlr:uv:V"
 OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
-OPT_LONG+=",help,init,list,receive:,reload,updatedb,verify:,version"
+OPT_LONG+=",help,import:,import-trustdb:,init,list,receive:,reload,updatedb"
+OPT_LONG+=",verify:,version"
 if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
 	echo; usage; exit 1 # E_INVALID_OPTION;
 fi
@@ -308,6 +341,8 @@ while true; do
 		-e|--export)      EXPORT=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
 		-f|--finger)      FINGER=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
 		--gpgdir)         shift; PACMAN_KEYRING_DIR=$1 ;;
+		--import)         IMPORT=1; shift; IMPORT_DIRS=($1) ;;
+		--import-trustdb) IMPORT_TRUSTDB=1; shift; IMPORT_DIRS=($1) ;;
 		--init)           INIT=1 ;;
 		-l|--list)        LIST=1 ;;
 		-r|--receive)     RECEIVE=1; shift; TMP=($1); KEYSERVER=${TMP[0]}; KEYIDS=(${TMP[@]:1}); unset TMP;;
@@ -330,7 +365,7 @@ if ! type -p gpg >/dev/null; then
 	exit 1
 fi
-if (( (ADD || DELETE || EDITKEY || INIT || RECEIVE || RELOAD || UPDATEDB) && EUID != 0 )); then
+if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || RECEIVE || RELOAD || UPDATEDB) && EUID != 0 )); then
 	error "$(gettext "%s needs to be run as root for this operation.")" "pacman-key"
 	exit 1
 fi
@@ -348,7 +383,7 @@ PACMAN_KEYRING_DIR=${PACMAN_KEYRING_DIR:-$(get_from "$CONFIG" "GPGDir" || echo "
 GPG_PACMAN=(gpg --homedir ${PACMAN_KEYRING_DIR} --no-permission-warning)
 # check only a single operation has been given
-numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + INIT + LIST + RECEIVE + RELOAD + UPDATEDB + VERIFY ))
+numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB + INIT + LIST + RECEIVE + RELOAD + UPDATEDB + VERIFY ))
 case $numopt in
 	0) 
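Review bot: `IMPORT_DIRS=($1)` in the two new `case` arms expands `$1` unquoted, so the directory argument is word-split and also glob-expanded against the current directory; a path containing spaces or a `*` will not reach `import`/`import_trustdb` as the user typed it. It follows the existing `KEYIDS=($1)` pattern, but for paths `read -ra IMPORT_DIRS <<< "$1"` splits on whitespace without pathname expansion. The `while true` loop starts and ends outside this hunk, so how a missing argument is handled depends on `parse_options`, which is not visible here.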
@@ -369,6 +404,8 @@ esac
 (( EDITKEY )) && edit_keys
 (( EXPORT )) && "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}"
 (( FINGER )) && "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}"
+(( IMPORT )) && import
+(( IMPORT_TRUSTDB)) && import_trustdb
 (( INIT )) && initialize
 (( LIST )) && "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}"
 (( RECEIVE )) && receive_keys | 
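Review bot: `(( IMPORT_TRUSTDB)) && import_trustdb` is missing the space before `))` that every neighbouring dispatch line has; write `(( IMPORT_TRUSTDB )) && import_trustdb`. As far as the visible lines show, neither `import` nor `import_trustdb` checks a gpg exit status, and the dispatch continues with the following `(( ... )) &&` lines, so a failed keyring or ownertrust import would presumably not be reflected in the script's exit code. A short comment on the two new lines saying so, or explicit status handling inside the functions, would make that behaviour deliberate rather than accidental.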
