summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDave Reisner <dreisner@archlinux.org>2012-04-08 20:03:27 +0200
committerDan McGee <dan@archlinux.org>2012-04-09 04:46:15 +0200
commitca090e10d264e4999e321b0a0b43736a34aa11d9 (patch)
treeec3b34991f16829c0fb4e9a1c16bd5cdf96c5400
parentf053141c8744b3f15ffdf488705fb7606cf1ab35 (diff)
downloadpacman-ca090e10d264e4999e321b0a0b43736a34aa11d9.tar.gz
pacman-ca090e10d264e4999e321b0a0b43736a34aa11d9.tar.xz
pacman-key: avoid use of tempfile in verify_sig
Use --status-fd rather than --status-file to keep this contained in a pipeline. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
-rw-r--r--scripts/pacman-key.sh.in6
1 files changed, 1 insertions, 5 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 1a2bac34..87d7658f 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -439,14 +439,10 @@ refresh_keys() {
}
verify_sig() {
- local fd="$(mktemp)"
- "${GPG_PACMAN[@]}" --status-file "${fd}" --verify $SIGNATURE
- if ! grep -qE 'TRUST_(FULLY|ULTIMATE)' "${fd}"; then
- rm -f "${fd}"
+ if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify $SIGNATURE | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE"
exit 1
fi
- rm -f "${fd}"
}
updatedb() {