diff options
| author | Dan McGee <dan@archlinux.org> | 2011-09-01 22:29:25 +0200 |
|---|---|---|
| committer | Dan McGee <dan@archlinux.org> | 2011-09-03 04:44:04 +0200 |
| commit | 16fd66f879abd52a636ba00cd782b37b1fcf8a65 (patch) | |
| tree | 6508aebb0f8b4350787585dbd9e870a88db61092 | |
| parent | d9545103b9a9517cb8996562d990431094027663 (diff) | |
| download | pacman-16fd66f879abd52a636ba00cd782b37b1fcf8a65.tar.gz pacman-16fd66f879abd52a636ba00cd782b37b1fcf8a65.tar.xz | |
pacman-key: add --refresh-keys operation
This allows new signatures to be pulled, revocations to be found, etc.
Signed-off-by: Dan McGee <dan@archlinux.org>
| -rw-r--r-- | doc/pacman-key.8.txt | 3 | ||||
| -rw-r--r-- | scripts/pacman-key.sh.in | 11 |
2 files changed, 11 insertions, 3 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt index 824f0b3b..5f947284 100644 --- a/doc/pacman-key.8.txt +++ b/doc/pacman-key.8.txt @@ -90,6 +90,9 @@ Options *-r, \--recv-keys* <keyid(s)>:: Equivalent to '\--recv-keys' in GnuPG. +*\--refresh-keys* [keyid(s)]:: + Equivalent to '\--refresh-keys' in GnuPG. + *\--populate* [keyring(s)]:: Reload the default keys from the (optionally provided) keyrings in +{pkgdatadir}/keyrings+. For more information, see diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index a757b719..2a78803b 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -41,6 +41,7 @@ LISTSIGS=0 LSIGNKEY=0 POPULATE=0 RECEIVE=0 +REFRESH=0 UPDATEDB=0 VERIFY=0 @@ -81,6 +82,7 @@ usage() { echo "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")" printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\ in '%s'")\n" "@pkgdatadir@/keyrings" + echo "$(gettext " --refresh-keys [keyid(s)] Update specified or all keys from a keyserver")" } version() { @@ -363,7 +365,8 @@ fi OPT_SHORT="a::d:e:f::hl::r:uv:V" OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:" OPT_LONG+=",help,import:,import-trustdb:,init,keyserver:,list-keys::,list-sigs::" -OPT_LONG+=",lsign-key:,populate::,recv-keys:,updatedb,verify:,version" +OPT_LONG+=",lsign-key:,populate::,recv-keys:,refresh-keys::,updatedb" +OPT_LONG+=",verify:,version" if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then echo; usage; exit 1 # E_INVALID_OPTION; fi @@ -393,6 +396,7 @@ while true; do --lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;; --populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;; -r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;; + --refresh-keys) REFRESH=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; -u|--updatedb) UPDATEDB=1 ;; -v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;; @@ -411,7 +415,7 @@ if ! type -p gpg >/dev/null; then exit 1 fi -if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || UPDATEDB) && EUID != 0 )); then +if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || REFRESH || UPDATEDB) && EUID != 0 )); then error "$(gettext "%s needs to be run as root for this operation.")" "pacman-key" exit 1 fi @@ -434,7 +438,7 @@ fi # check only a single operation has been given # don't include UPDATEDB in here as other opts can induce it numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB + - INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + VERIFY )) + INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + REFRESH + VERIFY )) case $numopt in 0) @@ -466,6 +470,7 @@ esac (( LSIGNKEY )) && "${GPG_PACMAN[@]}" --lsign-key "${KEYIDS[@]}" (( POPULATE )) && populate_keyring (( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" +(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" (( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE if (( UPDATEDB )); then |