update-keys: move armor to gpg.conf
This option only affects --export, and we always use armored keys. Signed-off-by: Christian Hesse <mail@eworm.de>
This commit is contained in:
parent
cca61ee733
commit
c4264b6784
10
update-keys
10
update-keys
@ -17,6 +17,8 @@ no-tty
|
|||||||
no-permission-warning
|
no-permission-warning
|
||||||
export-options no-export-attributes,export-clean
|
export-options no-export-attributes,export-clean
|
||||||
keyserver ${KEYSERVER}
|
keyserver ${KEYSERVER}
|
||||||
|
armor
|
||||||
|
no-emit-version
|
||||||
__EOF__
|
__EOF__
|
||||||
|
|
||||||
pushd "$(dirname "$0")" >/dev/null
|
pushd "$(dirname "$0")" >/dev/null
|
||||||
@ -56,7 +58,7 @@ while read -ra data; do
|
|||||||
username="${data[@]:1}"
|
username="${data[@]:1}"
|
||||||
printf 'minimize\nquit\ny\n' | "${GPG[@]}" --command-fd 0 --edit-key ${keyid}
|
printf 'minimize\nquit\ny\n' | "${GPG[@]}" --command-fd 0 --edit-key ${keyid}
|
||||||
"${GPG[@]}" --yes --lsign-key ${keyid} &>/dev/null
|
"${GPG[@]}" --yes --lsign-key ${keyid} &>/dev/null
|
||||||
"${GPG[@]}" --armor --no-emit-version --export ${keyid} >> master/${username}.asc
|
"${GPG[@]}" --export ${keyid} >> master/${username}.asc
|
||||||
echo "${keyid}:4:" >> archlinux-trusted
|
echo "${keyid}:4:" >> archlinux-trusted
|
||||||
done < master-keyids
|
done < master-keyids
|
||||||
"${GPG[@]}" --import-ownertrust < archlinux-trusted 2>/dev/null
|
"${GPG[@]}" --import-ownertrust < archlinux-trusted 2>/dev/null
|
||||||
@ -65,7 +67,7 @@ done < master-keyids
|
|||||||
while read -ra data; do
|
while read -ra data; do
|
||||||
keyid="${data[0]}"
|
keyid="${data[0]}"
|
||||||
username="${data[1]}"
|
username="${data[1]}"
|
||||||
"${GPG[@]}" --armor --no-emit-version --export-options export-minimal --export ${keyid} >> master-revoked/${username}.asc
|
"${GPG[@]}" --export-options export-minimal --export ${keyid} >> master-revoked/${username}.asc
|
||||||
echo "${keyid}" >> archlinux-revoked
|
echo "${keyid}" >> archlinux-revoked
|
||||||
done < master-revoked-keyids
|
done < master-revoked-keyids
|
||||||
|
|
||||||
@ -76,7 +78,7 @@ while read -ra data; do
|
|||||||
if ! "${GPG[@]}" --list-keys --with-colons ${keyid} 2>/dev/null | grep -q '^pub:f:'; then
|
if ! "${GPG[@]}" --list-keys --with-colons ${keyid} 2>/dev/null | grep -q '^pub:f:'; then
|
||||||
echo "key is not fully trusted: ${keyid} ${username}"
|
echo "key is not fully trusted: ${keyid} ${username}"
|
||||||
else
|
else
|
||||||
"${GPG[@]}" --armor --no-emit-version --export ${keyid} >> packager/${username}.asc
|
"${GPG[@]}" --export ${keyid} >> packager/${username}.asc
|
||||||
fi
|
fi
|
||||||
done < packager-keyids
|
done < packager-keyids
|
||||||
|
|
||||||
@ -84,7 +86,7 @@ done < packager-keyids
|
|||||||
while read -ra data; do
|
while read -ra data; do
|
||||||
keyid="${data[0]}"
|
keyid="${data[0]}"
|
||||||
username="${data[1]}"
|
username="${data[1]}"
|
||||||
"${GPG[@]}" --armor --no-emit-version --export-options export-minimal --export ${keyid} >> packager-revoked/${username}.asc
|
"${GPG[@]}" --export-options export-minimal --export ${keyid} >> packager-revoked/${username}.asc
|
||||||
echo "${keyid}" >> archlinux-revoked
|
echo "${keyid}" >> archlinux-revoked
|
||||||
done < packager-revoked-keyids
|
done < packager-revoked-keyids
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user