From 33685b960d3f05841cfac5696a0946396c448a34 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Wed, 21 Sep 2011 17:53:44 -0500 Subject: pacman-key: remove holdkeys functionality We're putting the cart ahead of the horse a bit here. Given that our keyring is not one where everything is implicitly trusted (ala gpgv), keeping or deleting a key has no bearing on its trusted status, only whether we can actually verify things signed by said key. If we need to address this down the road, we can find a solution that works for the problem at hand rather than trying to solve it now before signing is even widespread. Signed-off-by: Dan McGee --- scripts/pacman-key.sh.in | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'scripts/pacman-key.sh.in') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index ad2eefe4..72725154 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -288,18 +288,6 @@ populate_keyring() { fi done - # Read list of keys that must be kept installed and remove them from the list - # of keys to be removed - if [[ -f "${PACMAN_KEYRING_DIR}/holdkeys" ]]; then - while read key; do - key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)" - if [[ -n "${revoked_ids[$key_id]}" ]]; then - unset revoked_ids[$key_id] - fi - done < "${PACMAN_KEYRING_DIR}/holdkeys" - fi - - # Remove the keys not marked to keep if (( ${#revoked_ids[@]} > 0 )); then msg "$(gettext "Disabling revoked keys in keyring...")" for key_id in "${!revoked_ids[@]}"; do -- cgit v1.2.3-2-g168b