GNU bug report logs - #39684
[PATCH] etc: Automatically download the pgp key

Previous Next

Package: guix-patches;

Reported by: Julien Lepiller <julien <at> lepiller.eu>

Date: Thu, 20 Feb 2020 01:23:01 UTC

Severity: normal

Tags: patch

Done: Julien Lepiller <julien <at> lepiller.eu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Julien Lepiller <julien <at> lepiller.eu>
Cc: 39684 <at> debbugs.gnu.org
Subject: [bug#39684] [PATCH] etc: Automatically download the pgp key
Date: Wed, 18 Mar 2020 10:59:00 +0100

Hi Julien!

Julien Lepiller <julien <at> lepiller.eu> skribis:

>>From aebea6bcfa615bc644c9afa1120eeb34f0956c5a Mon Sep 17 00:00:00 2001
> From: Julien Lepiller <julien <at> lepiller.eu>
> Date: Thu, 20 Feb 2020 02:14:39 +0100
> Subject: [PATCH] etc: Add an `allow-import-gpg' option to the installer
>  script.
>
> * etc/guix-install.sh: Add an `allow-import-gpg' option to support
> fetching the OpenPGP public key automatically.

Sounds like a good idea.

> --- a/etc/guix-install.sh
> +++ b/etc/guix-install.sh
> @@ -57,6 +57,7 @@ INF="[ INFO ] "
>  DEBUG=0
>  GNU_URL="https://ftp.gnu.org/gnu/guix/"
>  OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
> +GPG_IMPORT=0

Perhaps define:

  OPENPGP_KEY_URL="https://sv.gnu.org/people/viewgpg.php?user_id=15145"

and use it everywhere?

>  # This script needs to know where root's home directory is.  However, we
>  # cannot simply use the HOME environment variable, since there is no guarantee
> @@ -109,9 +110,14 @@ chk_gpg_keyring()
>      # Without --dry-run this command will create a ~/.gnupg owned by root on
>      # systems where gpg has never been used, causing errors and confusion.
>      gpg --dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || (
> -        _err "${ERR}Missing OpenPGP public key.  Fetch it with this command:"
> -        echo "  wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import -"
> -        exit 1
> +        if [ "${GPG_IMPORT}" = "1" ]; then
> +          wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import -

This would become wget "$OPENPGP_KEY_URL" (better use quotes).

Thanks!

Ludo’.
This bug report was last modified 3 years and 241 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.