diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2011-12-18 14:16:30 +0100 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2011-12-18 14:16:30 +0100 |
| commit | 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e (patch) | |
| tree | 215c7aacc2d23b6b553f8b1f1d033273fea571cd /db-functions | |
| parent | a8b219b325cd642a781a64d8e08a0e66d25c1b44 (diff) | |
| download | dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.gz dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.xz | |
Validate package signatures on db-update
Diffstat (limited to 'db-functions')
| -rw-r--r-- | db-functions | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/db-functions b/db-functions index a3e2168..7c4a7fe 100644 --- a/db-functions +++ b/db-functions @@ -466,6 +466,21 @@ check_repo_permission() { return 0 } +check_pkgsig() { + local signature=$1 + local ret=1 + local fd="$(mktemp --tmpdir="${WORKDIR}")" + + exec 4>"${fd}" + gpg --homedir /etc/pacman.d/gnupg/ --status-fd 4 --verify "${signature}" >/dev/null 2>&1 + exec 4>&- + if grep -q TRUST_FULLY "${fd}"; then + ret=0 + fi + + return $ret +} + set_repo_permission() { local repo=$1 local arch=$2 |