CondorCORE/condorcore-keyring
CondorCORE/condorcore-keyring
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
174 Commits 7 Branches 112 Tags 19 MiB
0e79570527
Commit Graph

23 Commits

Author SHA1 Message Date
Christian Hesse
0e79570527 Rework the update process 
* use --refresh-keys if key is available, not --recv-keys
* refresh/receive in one go
 2019-01-23 22:37:38 +01:00
Christian Hesse
a48a66dfd6 Import archlinux.gpg into the temporary keyring 
This makes sure we do not loose signatures depending on key server used.
 2019-01-23 10:27:58 +01:00
Christian Hesse
de4326f4d4 exit immediately on error 
Intermittent errors (due to broker network connectivity, key server
failure, whatever ...) could result in an incomplete keyring. So exit
immediately on error.
 2017-10-19 10:47:12 +02:00
Christian Hesse
6f00b281f1 Revoke keys unconditionally 2017-10-17 14:01:23 +02:00
Christian Hesse
8e8d330967 Use minimal export for revoked keys 
We need the key and most recent self signature.

Signed-off-by: Christian Hesse <mail@eworm.de>
 2017-10-17 12:09:39 +02:00
Christian Hesse
1c4f33d735 Do not export attribute user IDs (photo IDs) 
There's no need to have images in pacman keyring...

Signed-off-by: Christian Hesse <mail@eworm.de>
 2017-10-17 12:09:39 +02:00
Bartłomiej Piotrowski
0abfb04ebb
Update keyring 
- add keys of new Trusted Users: zorin, shibumi, archangegabriel
- revoke keys of ex-TUs: flexiondotorg, dicebot
- revoke Dan's master key

Signed-off-by: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
 2017-03-20 22:40:09 +01:00
Pierre Schmitz
5242dea788 GPG 2.1 compatibility 2015-02-07 10:28:34 +01:00
Pierre Schmitz
09a1d89a38 Support multiple keys per username 2013-09-26 22:55:57 +02:00
Pierre Schmitz
3e96a8f10f Import all keys before cleaning them up 2013-06-10 14:18:32 +02:00
Pierre Schmitz
40ea22c053 Define a list of revoked keys 
Use the file packager-revoked-keyids to revoke certain keys.
 2013-05-25 12:48:49 +02:00
Pierre Schmitz
3146e710fb pacman 4.0.3 no longer requires the keyring itself to be signed 2012-04-07 18:43:24 +02:00
Pierre Schmitz
ef2d7258f4 Use more reliable default keyserver; same as in pacman >= 4.0.3 2012-04-07 18:38:26 +02:00
Pierre Schmitz
b7dc439458 Simplify/cleanup update script 2012-03-31 18:40:22 +02:00
Pierre Schmitz
8c53bb72db Revert "The keyring no longer needs to be signed" 
This reverts commit 9f3a1ace76.

Keep signatures until pacman 4.0.3 hits [core].
 2012-03-21 09:07:08 +01:00
Pierre Schmitz
9f3a1ace76 The keyring no longer needs to be signed 2012-03-09 22:36:02 +01:00
Pierre Schmitz
15f80006f7 Only recreate signatures if needed 2012-03-04 18:39:11 +01:00
Pierre Schmitz
392c57b2bd Minimize the master keys and remove any unneeded signature 2012-03-03 20:56:03 +01:00
Pierre Schmitz
183b5fb612 Create keyring that can be used by pacman-key --populate 
We also remove unused signatures from the keys to keep the history more readable
 2012-03-03 18:34:23 +01:00
Pierre Schmitz
ba1072bf86 Update gpg keys 2012-02-27 14:06:39 +01:00
Pierre Schmitz
bbd88abce4 Add ownertrust file for the master keys 2012-02-20 13:03:25 +01:00
Pierre Schmitz
f2101938ba Verify packager keys using the master keys 
The update script creates key files for master keys and all developers with fully trusted keys.
 2012-02-12 22:42:01 +01:00
Pierre Schmitz
35a8c70457 Add keyid lists and update script 
* The keyid lists are retreived from archweb
* The update script can be run to refresh all keys
 2012-02-12 17:04:59 +01:00