diff options
author | Ludovic Courtès <ludo@gnu.org> | 2018-09-09 22:15:19 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2018-09-16 23:00:44 +0200 |
commit | b9e1fddfd8c29b2fa6252ef52a75daa14aaabd3e (patch) | |
tree | 43525fd429276a1cd31b7bc5d80d0e5668ede081 /guix/scripts | |
parent | 3c0e16391ed9a3e3e4611b940fb393c5f2ecea63 (diff) | |
download | gnu-guix-b9e1fddfd8c29b2fa6252ef52a75daa14aaabd3e.tar gnu-guix-b9e1fddfd8c29b2fa6252ef52a75daa14aaabd3e.tar.gz |
gnupg: Use 'gpgv' and keybox files; adjust 'guix refresh' accordingly.
* guix/gnupg.scm (%gpgv-command, current-keyring): New variables
(gnupg-verify): Add optional 'keyring' parameter. Use 'gpgv' instead of
'gpg' and pass it '--keyring'.
(gnupg-receive-keys): Add optional 'keyring' parameter and honor it.
(gnupg-verify*): Add #:keyring and honor it.
* guix/scripts/refresh.scm (%options, show-help): Add '--keyring'.
(guix-refresh): Parameterize CURRENT-KEYRING.
* doc/guix.texi (Invoking guix refresh): Document '--keyring' and the
keybox format.
Diffstat (limited to 'guix/scripts')
-rw-r--r-- | guix/scripts/refresh.scm | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/guix/scripts/refresh.scm b/guix/scripts/refresh.scm index bcc23bd39c..58fc64db1f 100644 --- a/guix/scripts/refresh.scm +++ b/guix/scripts/refresh.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org> ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2015 Alex Kost <alezost@gmail.com> @@ -89,6 +89,9 @@ (lambda (opt name arg result) (alist-cons 'list-dependent? #t result))) + (option '("keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'keyring arg result))) (option '("key-server") #t #f (lambda (opt name arg result) (alist-cons 'key-server arg result))) @@ -139,6 +142,8 @@ specified with `--select'.\n")) be rebuilt as a result of upgrading PACKAGE...")) (newline) (display (G_ " + --keyring=FILE use FILE as the keyring of upstream OpenPGP keys")) + (display (G_ " --key-server=HOST use HOST as the OpenPGP key server")) (display (G_ " --gpg=COMMAND use COMMAND as the GnuPG 2.x command")) @@ -437,7 +442,11 @@ update would trigger a complete rebuild." (%openpgp-key-server))) (%gpg-command (or (assoc-ref opts 'gpg-command) - (%gpg-command)))) + (%gpg-command))) + (current-keyring + (or (assoc-ref opts 'keyring) + (string-append (config-directory) + "/upstream/trustedkeys.kbx")))) (for-each (cut update-package store <> updaters #:key-download key-download |