diff options
author | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2021-05-04 22:25:34 -0400 |
---|---|---|
committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2021-05-05 11:01:07 -0400 |
commit | 5b0ce3393b7f8853d3154ede930482446a7c0376 (patch) | |
tree | 3bf999fca929630e5922f714b1a0d89edb6cbd5a /etc/guix-install.sh | |
parent | e61fe664a4a3fd9ae09ff1890cc1dc3285ab3634 (diff) | |
download | guix-5b0ce3393b7f8853d3154ede930482446a7c0376.tar guix-5b0ce3393b7f8853d3154ede930482446a7c0376.tar.gz |
guix-install.sh: Propose automatically fetching OpenPGP keys.
Via, for example, yes | ./guix-install.sh.
* etc/guix-install.sh (prompt_yes_no): New procedure.
(chk_gpg_keyring, sys_authorize_build_farms): Use it.
Diffstat (limited to 'etc/guix-install.sh')
-rwxr-xr-x | etc/guix-install.sh | 47 |
1 files changed, 33 insertions, 14 deletions
diff --git a/etc/guix-install.sh b/etc/guix-install.sh index 6a8f7a20c1..9f7bd2038a 100755 --- a/etc/guix-install.sh +++ b/etc/guix-install.sh @@ -92,6 +92,18 @@ _debug() fi } +# Return true if user answered yes, false otherwise. +# $1: The prompt question. +prompt_yes_no() { + while true; do + read -rp "$1" yn + case $yn in + [Yy]*) return 0;; + [Nn]*) return 1;; + *) _msg "Please answer yes or no." + esac + done +} chk_require() { # Check that every required command is available. @@ -123,9 +135,19 @@ chk_gpg_keyring() # Without --dry-run this command will create a ~/.gnupg owned by root on # systems where gpg has never been used, causing errors and confusion. if ! gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then - _err "${ERR}Missing OpenPGP public key ($gpg_key_id). Fetch it with this command:" - echo " wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -qO - | sudo -i gpg --import -" - exit_flag=yes + if prompt_yes_no "${INF}The following OpenPGP public key is \ +required to verify the Guix binary signature: $gpg_key_id. +Would you like me to fetch it for you? (yes/no)"; then + wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ + -qO - | gpg --import - + else + _err "${ERR}Missing OpenPGP public key ($gpg_key_id). +Fetch it with this command: + + wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -qO - | \ +sudo -i gpg --import -" + exit_flag=yes + fi fi done if [ "$exit_flag" = yes ]; then @@ -451,17 +473,14 @@ sys_enable_guix_daemon() sys_authorize_build_farms() { # authorize the public key of the build farm - while true; do - read -rp "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn - case $yn in - [Yy]*) guix archive --authorize < "~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub" && - _msg "${PAS}Authorized public key for ci.guix.gnu.org"; - break;; - [Nn]*) _msg "${INF}Skipped authorizing build farm public keys" - break;; - *) _msg "Please answer yes or no."; - esac - done + if prompt_yes_no "Permit downloading pre-built package binaries from the \ +project's build farm? (yes/no) "; then + guix archive --authorize \ + < "~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub" \ + && _msg "${PAS}Authorized public key for ci.guix.gnu.org" + else + _msg "${INF}Skipped authorizing build farm public keys" + fi } sys_create_init_profile() |