blob: bffeaa1bd8122168cb257a678dcaaa5891f1c9d9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
#!/bin/bash
export GNUPGHOME=/etc/metadata/gnupg
mkdir -p $GNUPGHOME
chmod 0700 $GNUPGHOME
export GPG=gpg
# Install new keys discovered in the keys directory
for k in keys/*.pub; do
fp=`$GPG --with-colons --with-fingerprint --show-key < $k | awk -F: '$1 == "pub" {print $5}'`
fp_in_db=`$GPG --with-colons --fingerprint | grep ":$fp:"`
if [ "x`echo $fp_in_db | grep '^pub:e:'`" != "x" ]; then
echo "$0: Key expired, will re-import it from $k"
$GPG --fingerprint $fp
fi
# The removal of any ^pub:e: entrys means to ignore expired keys - thereby importing them again.
echo $fp_in_db | grep -v "^pub:e:" | grep -q ":$fp:" || $GPG --import < $k
done
# Delete keys no longer present in keys directory
for fp in `$GPG --with-colons --fingerprint | awk -F: '$1 == "pub" {print $5}'`; do
seen="no"
for k in keys/*.pub; do
$GPG --with-colons --with-fingerprint --show-key < $k | grep -q ":$fp:" && seen="yes"
done
if [ "x$seen" = "xno" ]; then
$GPG --yes --batch --delete-key $fp || true
fi
done
|
