summaryrefslogtreecommitdiff
path: root/doc/pacman-key.8.txt
Commit message (Collapse)AuthorAge
* pacman-key: add an additional plain text 'foo-trusted' fileDan McGee2011-09-22
| | | | | | | | | | | | | | | | This is similar to the 'foo-revoked' file we had. This will be used to inform the user what keys in the shipped keyring need to be explicitly trusted by the user. A distro such as Arch will likely have 3-4 master keys listed in this trusted file, but an additional 25 developer keys present in the keyring that the user shouldn't have to directly sign. We use this list to prompt the user to sign the keys locally. If the key is already signed locally gpg will print a bit of junk but will continue without pestering the user. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: remove holdkeys functionalityDan McGee2011-09-22
| | | | | | | | | | | | | We're putting the cart ahead of the horse a bit here. Given that our keyring is not one where everything is implicitly trusted (ala gpgv), keeping or deleting a key has no bearing on its trusted status, only whether we can actually verify things signed by said key. If we need to address this down the road, we can find a solution that works for the problem at hand rather than trying to solve it now before signing is even widespread. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: add --refresh-keys operationDan McGee2011-09-02
| | | | | | This allows new signatures to be pulled, revocations to be found, etc. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: split keyserver to a separate optionDan McGee2011-09-02
| | | | | | | | This also renames '--receive' to '-recv-keys' to match the wrapped gpg option name, rather than invent a new one, now that the calling convention is the same. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key help and documentation cleanupDan McGee2011-09-02
| | | | | | | | | We were using the mystical [<foobar>] options which is some sort of cross between a <required> argument and an [optional] one. Remove this madness and do some other general cleanup/consistency work in the manpage. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: document --lsign-keyDan McGee2011-09-02
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: rework and document holding keys in keyringAllan McRae2011-08-29
| | | | | | | | | The HoldKey option was undocumented and was not suited for pacman.conf. Instead use the file "/etc/pacman.d/gnupg/heldkeys" to contain a list of keys not to be removed from the pacman keyring with the --populate option. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: Improve documentation for --populateAllan McRae2011-08-29
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: rework importing distro/repo provided keyringsAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | The current --reload option, apart from being non-clear in its naming, is very limited in that only one keyring can be provided. A distribution may want to provide multiple keyrings for various subsets of its organisation or custom repo providers may also want to provide a keyring. This patch adds a --populate option that reads keyrings from (by default) /usr/share/pacman/keyrings. A keyring is named foo.gpg, with optional foo-revoked file providing a list of revoked key ids. These files are required to be signed (detached) by a key trusted by pacman-key, in practice probably by the key that signed the package providing these files. The --populate flag either updates the pacman keyring using all keyrings in the directory or individual keyrings can be specified. Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix formatting in pacman-key manpageJakob Gruber2011-08-22
| | | | | Signed-off-by: Jakob Gruber <jakob.gruber@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: follow gpg options for listing keysAllan McRae2011-08-02
| | | | | | | | | | | | | | The current --list option outputed the keys and all their signatures which can be overly verbose. It also did not take a list of keys on the command line to limit its output (although the code suggests that was intended). That patch brings consistency with gpg, providing --list-keys and --list-sigs options that function equivalently to those provided by gpg. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Unify modelines in Asciidoc filesDan McGee2011-07-28
| | | | | | | | | | | This gets us close to using the same modeline in all files we run through Asciidoc, as well as adding the spell and spelllang declarations, just as we had in NEWS already. The choice of 'en_us' is mainly for consistency and because the body of work already uses these spellings. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: Add --import and --import-trustdbPang Yan Han2011-07-27
| | | | | | | | | | | | | | | | | Currently, pacman-key allows the user to import their keys using the --add option. However, no similar functionality exists for importing ownertrust values. The --import-trustdb option takes a list of directories and imports ownertrust values if the directories have a trustdb.gpg database. The --import option takes a list of directories and imports keys from pubring.gpg and ownertrust values from trustdb.gpg. Think of it as a combination of --add and --import-trustdb Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: add --init optionAllan McRae2011-07-19
| | | | | | | | Add an --init option that ensures that the pacman keyring has all the necessary files and they have the correct permissions for being read as a user. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: add --verify optionAllan McRae2011-07-19
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: update man pageAllan McRae2011-07-19
| | | | | | | Update man page to reflect current options. Also add a description on how to manually interact with the pacman keyring with gpg. Signed-off-by: Allan McRae <allan@archlinux.org>
* doc: monospace attribute escape fixesDan McGee2011-06-01
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Documentation formatting updatesDan McGee2011-03-27
| | | | | | | Be consistent in the Synopsis and Description sections with the use of quotes around command names. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key manpage updatesDan McGee2011-03-23
| | | | | | | Make consistent in formatting, syntax, and prose with the rest of our documentation. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add man-page for pacman-keyGuillaume Alaux2011-03-23
Signed-off-by: Allan McRae <allan@archlinux.org>