
From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sec-keys/openpgp-keys-gentoo-developers/
Date: Sat, 03 Sep 2022 01:49:10
Message-Id: 1662169714.fdbc65c03e802d0eeb8c4c4ed78df1c7fe68c1f1.sam@gentoo
1 commit: fdbc65c03e802d0eeb8c4c4ed78df1c7fe68c1f1
2 Author: Sam James <sam <AT> gentoo <DOT> org>
3 AuthorDate: Sat Sep 3 01:48:29 2022 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Sat Sep 3 01:48:34 2022 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fdbc65c0
7
8 sec-keys/openpgp-keys-gentoo-developers: drop 20220711, 20220718
9
10 Will try to keep older versions around in future, but had to rename
11 a few of the files due to an error in the script (contents are fine,
12 just the dates were a week wrong).
13
14 Signed-off-by: Sam James <sam <AT> gentoo.org>
15
16 sec-keys/openpgp-keys-gentoo-developers/Manifest | 2 -
17 .../openpgp-keys-gentoo-developers-20220711.ebuild | 214 ---------------------
18 .../openpgp-keys-gentoo-developers-20220718.ebuild | 214 ---------------------
19 3 files changed, 430 deletions(-)
20
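--- a/sec-keys/openpgp-keys-gentoo-developers/Manifest
+++ b/sec-keys/openpgp-keys-gentoo-developers/Manifest
@@ -1,3 +1 @@
-DIST openpgp-keys-gentoo-developers-20220711-active-devs.gpg 3237775 BLAKE2B 511e4ea8907593b5ed05c79a0bf6ae131856f0511f3f6a744f393a077ad25fe3f6780caac60d4f94965d4c0aa14debae068599f50920caeaad44303a844bf7ed SHA512 c0122037a3bfde1eec0c3ca7a303ff82f532c518427b34814c12949572c18537f617db22563c15d40fd41f0c94e6c50bcd3e0d3d7d1175400057aafbe41ae2b2
-DIST openpgp-keys-gentoo-developers-20220718-active-devs.gpg 3238135 BLAKE2B a500165c89d28d1aef314ef10e639efe5b354cb39cca2c0565b43b55c580eed26d74be1d45b3be3d55d7879f25282d367cca6e04423df59191b7eedfcc1def88 SHA512 e51afcb31f81ee8596c9b2393fae41d8c67fc363d71f91296195369a428371e6151b81fd57a0cff382ad3493e57b6527126abedcdbc72b32f1bd5b2021e029eb
 DIST openpgp-keys-gentoo-developers-20220830-active-devs.gpg 3234718 BLAKE2B 80753222b4d2febf0d8568503d646e0258410010eefa35ea3914f5979ea05f12634676212df392f5ddbb153899cd7452ee89d412bea9de8e67abf93243444fa8 SHA512 2676fe541cdad8755f745ebd24badd7b4193bdff71f478f2442fea84e1e07b060564d437ce642b01a37ba8086a8177a84c32abf3dd794be8e587e1740bed2af2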
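--- a/sec-keys/openpgp-keys-gentoo-developers/openpgp-keys-gentoo-developers-20220711.ebuild
+++ /dev/null
@@ -1,214 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-PYTHON_COMPAT=( python3_{9..11} )
-inherit edo python-any-r1
-
-DESCRIPTION="Gentoo Authority Keys (GLEP 79)"
-HOMEPAGE="https://www.gentoo.org/downloads/signatures/"
-if [[ ${PV} == 9999* ]] ; then
- SRC_URI="https://qa-reports.gentoo.org/output/active-devs.gpg -> ${P}-active-devs.gpg"
- PROPERTIES="live"
-else
- SRC_URI="https://qa-reports.gentoo.org/output/keys/active-devs-${PV}.gpg -> ${P}-active-devs.gpg"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~x86"
-fi
-
-S="${WORKDIR}"
-
-LICENSE="public-domain"
-SLOT="0"
-IUSE="test"
-RESTRICT="!test? ( test )"
-
-BDEPEND="
- $(python_gen_any_dep 'dev-python/python-gnupg[${PYTHON_USEDEP}]')
- sec-keys/openpgp-keys-gentoo-auth
- test? (
- app-crypt/gnupg
- )
-"
-
-python_check_deps() {
- python_has_version "dev-python/python-gnupg[${PYTHON_USEDEP}]"
-}
-
-src_compile() {
- export GNUPGHOME="${T}"/.gnupg
-
- local mygpgargs=(
- --no-autostart
- --no-default-keyring
- --homedir "${GNUPGHOME}"
- )
-
- # From verify-sig.eclass:
- # "GPG upstream knows better than to follow the spec, so we can't
- # override this directory. However, there is a clean fallback
- # to GNUPGHOME."
- addpredict /run/user
-
- mkdir "${GNUPGHOME}" || die
- chmod 700 "${GNUPGHOME}" || die
-
- # Convert the binary keyring into an armored one so we can process it
- edo gpg "${mygpgargs[@]}" --import "${DISTDIR}"/${P}-active-devs.gpg
- edo gpg "${mygpgargs[@]}" --export --armor > "${WORKDIR}"/gentoo-developers.asc
-
- # Now strip out the keys which are expired and/or missing a signature
- # from our L2 developer authority key
- edo "${EPYTHON}" "${FILESDIR}"/keyring-mangler.py \
- "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc \
- "${WORKDIR}"/gentoo-developers.asc \
- "${WORKDIR}"/gentoo-developers-sanitised.asc
-}
-
-src_test() {
- export GNUPGHOME="${T}"/tests/.gnupg
-
- local mygpgargs=(
- # We don't have --no-autostart here because we need
- # to let it spawn an agent for the key generation.
- --no-default-keyring
- --homedir "${GNUPGHOME}"
- )
-
- # From verify-sig.eclass:
- # "GPG upstream knows better than to follow the spec, so we can't
- # override this directory. However, there is a clean fallback
- # to GNUPGHOME."
- addpredict /run/user
-
- # Check each of the keys to verify they're trusted by
- # the L2 developer key.
- mkdir -p "${GNUPGHOME}" || die
- chmod 700 "${GNUPGHOME}" || die
- cd "${T}"/tests || die
-
- # First, grab the L1 key, and mark it as ultimately trusted.
- edo gpg "${mygpgargs[@]}" --import "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc
- edo gpg "${mygpgargs[@]}" --import-ownertrust "${BROOT}"/usr/share/openpgp-keys/gentoo-auth-ownertrust.txt
-
- # Generate a temporary key which isn't signed by anything to check
- # whether we're detecting unexpected keys.
- #
- # The test is whether this appears in the sanitised keyring we
- # produce in src_compile (it should not be in there).
- #
- # https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html
- edo gpg "${mygpgargs[@]}" --batch --gen-key <<-EOF
- %echo Generating temporary key for testing...
-
- %no-protection
- %transient-key
- %pubring ${P}-ebuild-test-key.asc
-
- Key-Type: 1
- Key-Length: 2048
- Subkey-Type: 1
- Subkey-Length: 2048
- Name-Real: Larry The Cow
- Name-Email: larry@×××××××.com
- Expire-Date: 0
- Handle: ${P}-ebuild-test-key
-
- %commit
- %echo Temporary key generated!
- EOF
-
- # Import the new injected key that shouldn't be signed by anything into a temporary testing keyring
- edo gpg "${mygpgargs[@]}" --import "${T}"/tests/${P}-ebuild-test-key.asc
-
- # Sign a tiny file with the to-be-injected key for testing rejection below
- echo "Hello world!" > "${T}"/tests/signme || die
- edo gpg "${mygpgargs[@]}" -u "Larry The Cow <larry@×××××××.com>" --sign "${T}"/tests/signme || die
-
- edo gpg "${mygpgargs[@]}" --export --armor > "${T}"/tests/tainted-keyring.asc
-
- # keyring-mangler.py should now produce a keyring *without* it
- edo "${EPYTHON}" "${FILESDIR}"/keyring-mangler.py \
- "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc \
- "${T}"/tests/tainted-keyring.asc \
- "${T}"/tests/gentoo-developers-sanitised.asc | tee "${T}"/tests/keyring-mangler.log
- assert "Key mangling in tests failed?"
-
- # Check the log to verify the injected key got detected
- grep -q "Dropping key.*Larry The Cow" "${T}"/tests/keyring-mangler.log || die "Did not remove injected key from test keyring!"
-
- # gnupg doesn't have an easy way for us to actually just.. ask
- # if a key is known via WoT. So, sign a file using the key
- # we just made, and then try to gpg --verify it, and check exit code.
- #
- # Let's now double check by seeing if a file signed by the injected key
- # is rejected.
- if gpg "${mygpgargs[@]}" --keyring "${T}"/tests/gentoo-developers-sanitised.asc --verify "${T}"/tests/signme.gpg ; then
- die "'gpg --verify' using injected test key succeeded! This shouldn't happen!"
- fi
-
- # Bonus lame sanity check
- edo gpg "${mygpgargs[@]}" --check-trustdb 2>&1 | tee "${T}"/tests/trustdb.log
- assert "trustdb call failed!"
-
- check_trust_levels() {
- local mode=${1}
-
- while IFS= read -r line; do
- # gpg: depth: 0 valid: 1 signed: 2 trust: 0-, 0q, 0n, 0m, 0f, 1u
- # gpg: depth: 1 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 2f, 0u
- if [[ ${line} == *depth* ]] ; then
- depth=$(echo ${line} | grep -Po "depth: [0-9]")
- trust=$(echo ${line} | grep -Po "trust:.*")
-
- trust_uncalculated=$(echo ${trust} | grep -Po "[0-9]-")
- [[ ${trust_uncalculated} == 0 ]] || ${mode}
-
- trust_insufficient=$(echo ${trust} | grep -Po "[0-9]q")
- [[ ${trust_insufficient} == 0 ]] || ${mode}
-
- trust_never=$(echo ${trust} | grep -Po "[0-9]n")
- [[ ${trust_never} == 0 ]] || ${mode}
-
- trust_marginal=$(echo ${trust} | grep -Po "[0-9]m")
- [[ ${trust_marginal} == 0 ]] || ${mode}
-
- trust_full=$(echo ${trust} | grep -Po "[0-9]f")
- [[ ${trust_full} != 0 ]] || ${mode}
-
- trust_ultimate=$(echo ${trust} | grep -Po "[0-9]u")
- [[ ${trust_ultimate} == 1 ]] || ${mode}
-
- echo "${trust_uncalculated}, ${trust_insufficient}"
- fi
- done < "${T}"/tests/trustdb.log
- }
-
- # First, check with the bad key still in the test keyring.
- # This is supposed to fail, so we want it to return 1
- check_trust_levels "return 1" && die "Trustdb passed when it should have failed!"
-
- # Now check without the bad key in the test keyring.
- # This one should pass.
- #
- # Drop the bad key first (https://superuser.com/questions/174583/how-to-delete-gpg-secret-keys-by-force-without-fingerprint)
- keys=$(gpg "${mygpgargs[@]}" --fingerprint --with-colons --batch "Larry The Cow <larry@×××××××.com>" \
- | grep "^fpr" \
- | sed -n 's/^fpr:::::::::\([[:alnum:]]\+\):/\1/p')
-
- for key in ${keys[@]} ; do
- nonfatal edo gpg "${mygpgargs[@]}" --batch --yes --delete-secret-keys ${key}
- done
-
- edo gpg "${mygpgargs[@]}" --batch --yes --delete-keys "Larry The Cow <larry@×××××××.com>"
- check_trust_levels "return 0" || die "Trustdb failed when it should have passed!"
-
- gpgconf --kill gpg-agent || die
-}
-
-src_install() {
- insinto /usr/share/openpgp-keys
- newins gentoo-developers-sanitised.asc gentoo-developers.asc
-
- # TODO: install an ownertrust file like sec-keys/openpgp-keys-gentoo-auth?
-}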
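--- a/sec-keys/openpgp-keys-gentoo-developers/openpgp-keys-gentoo-developers-20220718.ebuild
+++ /dev/null
@@ -1,214 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-PYTHON_COMPAT=( python3_{9..11} )
-inherit edo python-any-r1
-
-DESCRIPTION="Gentoo Authority Keys (GLEP 79)"
-HOMEPAGE="https://www.gentoo.org/downloads/signatures/"
-if [[ ${PV} == 9999* ]] ; then
- SRC_URI="https://qa-reports.gentoo.org/output/active-devs.gpg -> ${P}-active-devs.gpg"
- PROPERTIES="live"
-else
- SRC_URI="https://qa-reports.gentoo.org/output/keys/active-devs-${PV}.gpg -> ${P}-active-devs.gpg"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~x86"
-fi
-
-S="${WORKDIR}"
-
-LICENSE="public-domain"
-SLOT="0"
-IUSE="test"
-RESTRICT="!test? ( test )"
-
-BDEPEND="
- $(python_gen_any_dep 'dev-python/python-gnupg[${PYTHON_USEDEP}]')
- sec-keys/openpgp-keys-gentoo-auth
- test? (
- app-crypt/gnupg
- )
-"
-
-python_check_deps() {
- python_has_version "dev-python/python-gnupg[${PYTHON_USEDEP}]"
-}
-
-src_compile() {
- export GNUPGHOME="${T}"/.gnupg
-
- local mygpgargs=(
- --no-autostart
- --no-default-keyring
- --homedir "${GNUPGHOME}"
- )
-
- # From verify-sig.eclass:
- # "GPG upstream knows better than to follow the spec, so we can't
- # override this directory. However, there is a clean fallback
- # to GNUPGHOME."
- addpredict /run/user
-
- mkdir "${GNUPGHOME}" || die
- chmod 700 "${GNUPGHOME}" || die
-
- # Convert the binary keyring into an armored one so we can process it
- edo gpg "${mygpgargs[@]}" --import "${DISTDIR}"/${P}-active-devs.gpg
- edo gpg "${mygpgargs[@]}" --export --armor > "${WORKDIR}"/gentoo-developers.asc
-
- # Now strip out the keys which are expired and/or missing a signature
- # from our L2 developer authority key
- edo "${EPYTHON}" "${FILESDIR}"/keyring-mangler.py \
- "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc \
- "${WORKDIR}"/gentoo-developers.asc \
- "${WORKDIR}"/gentoo-developers-sanitised.asc
-}
-
-src_test() {
- export GNUPGHOME="${T}"/tests/.gnupg
-
- local mygpgargs=(
- # We don't have --no-autostart here because we need
- # to let it spawn an agent for the key generation.
- --no-default-keyring
- --homedir "${GNUPGHOME}"
- )
-
- # From verify-sig.eclass:
- # "GPG upstream knows better than to follow the spec, so we can't
- # override this directory. However, there is a clean fallback
- # to GNUPGHOME."
- addpredict /run/user
-
- # Check each of the keys to verify they're trusted by
- # the L2 developer key.
- mkdir -p "${GNUPGHOME}" || die
- chmod 700 "${GNUPGHOME}" || die
- cd "${T}"/tests || die
-
- # First, grab the L1 key, and mark it as ultimately trusted.
- edo gpg "${mygpgargs[@]}" --import "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc
- edo gpg "${mygpgargs[@]}" --import-ownertrust "${BROOT}"/usr/share/openpgp-keys/gentoo-auth-ownertrust.txt
-
- # Generate a temporary key which isn't signed by anything to check
- # whether we're detecting unexpected keys.
- #
- # The test is whether this appears in the sanitised keyring we
- # produce in src_compile (it should not be in there).
- #
- # https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html
- edo gpg "${mygpgargs[@]}" --batch --gen-key <<-EOF
- %echo Generating temporary key for testing...
-
- %no-protection
- %transient-key
- %pubring ${P}-ebuild-test-key.asc
-
- Key-Type: 1
- Key-Length: 2048
- Subkey-Type: 1
- Subkey-Length: 2048
- Name-Real: Larry The Cow
- Name-Email: larry@×××××××.com
- Expire-Date: 0
- Handle: ${P}-ebuild-test-key
-
- %commit
- %echo Temporary key generated!
- EOF
-
- # Import the new injected key that shouldn't be signed by anything into a temporary testing keyring
- edo gpg "${mygpgargs[@]}" --import "${T}"/tests/${P}-ebuild-test-key.asc
-
- # Sign a tiny file with the to-be-injected key for testing rejection below
- echo "Hello world!" > "${T}"/tests/signme || die
- edo gpg "${mygpgargs[@]}" -u "Larry The Cow <larry@×××××××.com>" --sign "${T}"/tests/signme || die
-
- edo gpg "${mygpgargs[@]}" --export --armor > "${T}"/tests/tainted-keyring.asc
-
- # keyring-mangler.py should now produce a keyring *without* it
- edo "${EPYTHON}" "${FILESDIR}"/keyring-mangler.py \
- "${BROOT}"/usr/share/openpgp-keys/gentoo-auth.asc \
- "${T}"/tests/tainted-keyring.asc \
- "${T}"/tests/gentoo-developers-sanitised.asc | tee "${T}"/tests/keyring-mangler.log
- assert "Key mangling in tests failed?"
-
- # Check the log to verify the injected key got detected
- grep -q "Dropping key.*Larry The Cow" "${T}"/tests/keyring-mangler.log || die "Did not remove injected key from test keyring!"
-
- # gnupg doesn't have an easy way for us to actually just.. ask
- # if a key is known via WoT. So, sign a file using the key
- # we just made, and then try to gpg --verify it, and check exit code.
- #
- # Let's now double check by seeing if a file signed by the injected key
- # is rejected.
- if gpg "${mygpgargs[@]}" --keyring "${T}"/tests/gentoo-developers-sanitised.asc --verify "${T}"/tests/signme.gpg ; then
- die "'gpg --verify' using injected test key succeeded! This shouldn't happen!"
- fi
-
- # Bonus lame sanity check
- edo gpg "${mygpgargs[@]}" --check-trustdb 2>&1 | tee "${T}"/tests/trustdb.log
- assert "trustdb call failed!"
-
- check_trust_levels() {
- local mode=${1}
-
- while IFS= read -r line; do
- # gpg: depth: 0 valid: 1 signed: 2 trust: 0-, 0q, 0n, 0m, 0f, 1u
- # gpg: depth: 1 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 2f, 0u
- if [[ ${line} == *depth* ]] ; then
- depth=$(echo ${line} | grep -Po "depth: [0-9]")
- trust=$(echo ${line} | grep -Po "trust:.*")
-
- trust_uncalculated=$(echo ${trust} | grep -Po "[0-9]-")
- [[ ${trust_uncalculated} == 0 ]] || ${mode}
-
- trust_insufficient=$(echo ${trust} | grep -Po "[0-9]q")
- [[ ${trust_insufficient} == 0 ]] || ${mode}
-
- trust_never=$(echo ${trust} | grep -Po "[0-9]n")
- [[ ${trust_never} == 0 ]] || ${mode}
-
- trust_marginal=$(echo ${trust} | grep -Po "[0-9]m")
- [[ ${trust_marginal} == 0 ]] || ${mode}
-
- trust_full=$(echo ${trust} | grep -Po "[0-9]f")
- [[ ${trust_full} != 0 ]] || ${mode}
-
- trust_ultimate=$(echo ${trust} | grep -Po "[0-9]u")
- [[ ${trust_ultimate} == 1 ]] || ${mode}
-
- echo "${trust_uncalculated}, ${trust_insufficient}"
- fi
- done < "${T}"/tests/trustdb.log
- }
-
- # First, check with the bad key still in the test keyring.
- # This is supposed to fail, so we want it to return 1
- check_trust_levels "return 1" && die "Trustdb passed when it should have failed!"
-
- # Now check without the bad key in the test keyring.
- # This one should pass.
- #
- # Drop the bad key first (https://superuser.com/questions/174583/how-to-delete-gpg-secret-keys-by-force-without-fingerprint)
- keys=$(gpg "${mygpgargs[@]}" --fingerprint --with-colons --batch "Larry The Cow <larry@×××××××.com>" \
- | grep "^fpr" \
- | sed -n 's/^fpr:::::::::\([[:alnum:]]\+\):/\1/p')
-
- for key in ${keys[@]} ; do
- nonfatal edo gpg "${mygpgargs[@]}" --batch --yes --delete-secret-keys ${key}
- done
-
- edo gpg "${mygpgargs[@]}" --batch --yes --delete-keys "Larry The Cow <larry@×××××××.com>"
- check_trust_levels "return 0" || die "Trustdb failed when it should have passed!"
-
- gpgconf --kill gpg-agent || die
-}
-
-src_install() {
- insinto /usr/share/openpgp-keys
- newins gentoo-developers-sanitised.asc gentoo-developers.asc
-
- # TODO: install an ownertrust file like sec-keys/openpgp-keys-gentoo-auth?
-}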