diff options
| author | Matthew Sexton <wsdmatty@gmail.com> | 2019-11-04 05:43:00 +0100 |
|---|---|---|
| committer | Allan McRae <allan@archlinux.org> | 2019-11-05 05:13:10 +0100 |
| commit | e1f5f2198370400565c1eb4ca342299767383f65 (patch) | |
| tree | a7b2b5b7ca9e9c47bfde49b5e9bd25cd3e46fcd9 | |
| parent | 7be75523297875dacfad9083b0663a04bf823a3e (diff) | |
| download | pacman-e1f5f2198370400565c1eb4ca342299767383f65.tar.gz pacman-e1f5f2198370400565c1eb4ca342299767383f65.tar.xz | |
pacman-key: hide lsign and revoke output behind --verbose
To cut down on spam during --populate, both locally signing and
revoking keys now hide the specific keys being signed or revoked,
but can be shown with --verbose. A count was added, to show the
number of keys signed/revoked during the process.
Partially Implements:
FS#64142 - pacman-key: make populate less noisy
Signed-off-by: Matthew Sexton <wsdmatty@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
| -rw-r--r-- | scripts/pacman-key.sh.in | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 05aab0c2..3627a805 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -51,6 +51,7 @@ REFRESH=0 UPDATEDB=0 USE_COLOR='y' VERIFY=0 +VERBOSE=0 usage() { printf "pacman-key (pacman) %s\n" ${myver} @@ -77,6 +78,7 @@ usage() { printf -- "$(gettext " --populate Reload the default keys from the (given) keyrings\n\ in '%s'")\n" "@pkgdatadir@/keyrings" printf -- "$(gettext " --refresh-keys Update specified or all keys from a keyserver")\n" + printf -- "$(gettext " --verbose Show extra information")\n" echo printf -- "$(gettext "Options:")\n" printf -- "$(gettext " --config <file> Use an alternate config file (instead of\n\ @@ -332,11 +334,16 @@ populate_keyring() { done if (( ${#revoked_ids[@]} > 0 )); then + local key_count=0 msg "$(gettext "Disabling revoked keys in keyring...")" for key_id in "${!revoked_ids[@]}"; do - msg2 "$(gettext "Disabling key %s...")" "${key_id}" + if (( VERBOSE )); then + msg2 "$(gettext "Disabling key %s...")" "${key_id}" + fi printf 'disable\nquit\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --edit-key "${key_id}" 2>/dev/null + key_count=$((key_count+1)) done + msg2 "$(gettext "Disabled %s keys.")" "${key_count}" fi } @@ -445,19 +452,24 @@ lsign_keys() { check_keyids_exist local ret=0 + local key_count=0 for key_id in "$@"; do - msg2 "$(gettext "Locally signing key %s...")" "${key_id}" + if (( VERBOSE )); then + msg2 "$(gettext "Locally signing key %s...")" "${key_id}" + fi # we cannot use --yes here as gpg would still ask for confirmation if a key has more than one uid printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${key_id}" 2>/dev/null if (( PIPESTATUS[1] )); then error "$(gettext "%s could not be locally signed.")" "${key_id}" ret=1 fi + key_count=$((key_count+1)) done if (( ret )); then exit 1 fi + msg2 "$(gettext "Locally signed %s keys.")" "${key_count}" } receive_keys() { @@ -541,7 +553,7 @@ OPT_SHORT="adefhlruvV" OPT_LONG=('add' 'config:' 'delete' 'edit-key' 'export' 'finger' 'gpgdir:' 'help' 'import' 'import-trustdb' 'init' 'keyserver:' 'list-keys' 'list-sigs' 'lsign-key' 'nocolor' 'populate' 'recv-keys' 'refresh-keys' 'updatedb' - 'verify' 'version') + 'verbose' 'verify' 'version') if ! parseopts "$OPT_SHORT" "${OPT_LONG[@]}" -- "$@"; then exit 1 # E_INVALID_OPTION fi @@ -574,6 +586,7 @@ while (( $# )); do -r|--recv-keys) RECEIVE=1 UPDATEDB=1 ;; --refresh-keys) REFRESH=1 ;; -u|--updatedb) UPDATEDB=1 ;; + --verbose) VERBOSE=1 ;; -v|--verify) VERIFY=1 ;; -h|--help) usage; exit 0 ;; |