diff options
Diffstat (limited to 'bin/create-build-support-package')
-rwxr-xr-x | bin/create-build-support-package | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/bin/create-build-support-package b/bin/create-build-support-package index ed09f87..d1dd998 100755 --- a/bin/create-build-support-package +++ b/bin/create-build-support-package @@ -214,6 +214,17 @@ elif [ -n "${shim_package}" ]; then exit 1 fi + if ! gpg --batch --status-fd 1 -q --homedir /etc/pacman.d/gnupg --verify \ + "${shim_package}.sig" \ + "${shim_package}" \ + 2> /dev/null \ + | cut -d' ' -f2 \ + | grep -qxF TRUST_FULLY; then + >&2 printf '%s has invalid signature\n' \ + "${shim_package}" + exit 1 + fi + exec 8> "${package_database_lock_file}" verbose_flock ${wait_for_lock} 8 |