summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-01 15:29:25 -0500
committerDan McGee <dan@archlinux.org>2011-09-02 21:44:04 -0500
commit16fd66f879abd52a636ba00cd782b37b1fcf8a65 (patch)
tree6508aebb0f8b4350787585dbd9e870a88db61092
parentd9545103b9a9517cb8996562d990431094027663 (diff)
pacman-key: add --refresh-keys operation
This allows new signatures to be pulled, revocations to be found, etc. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--doc/pacman-key.8.txt3
-rw-r--r--scripts/pacman-key.sh.in11
2 files changed, 11 insertions, 3 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
index 824f0b3b..5f947284 100644
--- a/doc/pacman-key.8.txt
+++ b/doc/pacman-key.8.txt
@@ -90,6 +90,9 @@ Options
*-r, \--recv-keys* <keyid(s)>::
Equivalent to '\--recv-keys' in GnuPG.
+*\--refresh-keys* [keyid(s)]::
+ Equivalent to '\--refresh-keys' in GnuPG.
+
*\--populate* [keyring(s)]::
Reload the default keys from the (optionally provided) keyrings in
+{pkgdatadir}/keyrings+. For more information, see
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index a757b719..2a78803b 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -41,6 +41,7 @@ LISTSIGS=0
LSIGNKEY=0
POPULATE=0
RECEIVE=0
+REFRESH=0
UPDATEDB=0
VERIFY=0
@@ -81,6 +82,7 @@ usage() {
echo "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")"
printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\
in '%s'")\n" "@pkgdatadir@/keyrings"
+ echo "$(gettext " --refresh-keys [keyid(s)] Update specified or all keys from a keyserver")"
}
version() {
@@ -363,7 +365,8 @@ fi
OPT_SHORT="a::d:e:f::hl::r:uv:V"
OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
OPT_LONG+=",help,import:,import-trustdb:,init,keyserver:,list-keys::,list-sigs::"
-OPT_LONG+=",lsign-key:,populate::,recv-keys:,updatedb,verify:,version"
+OPT_LONG+=",lsign-key:,populate::,recv-keys:,refresh-keys::,updatedb"
+OPT_LONG+=",verify:,version"
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
echo; usage; exit 1 # E_INVALID_OPTION;
fi
@@ -393,6 +396,7 @@ while true; do
--lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;;
-r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
+ --refresh-keys) REFRESH=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;;
-u|--updatedb) UPDATEDB=1 ;;
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
@@ -411,7 +415,7 @@ if ! type -p gpg >/dev/null; then
exit 1
fi
-if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || UPDATEDB) && EUID != 0 )); then
+if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT || LSIGNKEY || POPULATE || RECEIVE || REFRESH || UPDATEDB) && EUID != 0 )); then
error "$(gettext "%s needs to be run as root for this operation.")" "pacman-key"
exit 1
fi
@@ -434,7 +438,7 @@ fi
# check only a single operation has been given
# don't include UPDATEDB in here as other opts can induce it
numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB +
- INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + VERIFY ))
+ INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE + REFRESH + VERIFY ))
case $numopt in
0)
@@ -466,6 +470,7 @@ esac
(( LSIGNKEY )) && "${GPG_PACMAN[@]}" --lsign-key "${KEYIDS[@]}"
(( POPULATE )) && populate_keyring
(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}"
+(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}"
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
if (( UPDATEDB )); then