diff options
author | Erich Eckner <git@eckner.net> | 2019-09-02 21:01:16 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2019-09-02 21:01:16 +0200 |
commit | f595adb906ba44eaebde52608f1af01e236bcf7d (patch) | |
tree | 9a38441b99899f3ceb28f5bd8c5c4302beb76a7a | |
parent | ee71f24356a80643ffd16586f0778cb4b79f446b (diff) | |
download | devops-f595adb906ba44eaebde52608f1af01e236bcf7d.tar.xz |
scrub-for-gpg-keys: do not use fifo and tmp_dir
-rwxr-xr-x | scrub-for-gpg-keys | 82 |
1 files changed, 38 insertions, 44 deletions
diff --git a/scrub-for-gpg-keys b/scrub-for-gpg-keys index 2e760c7..4687410 100755 --- a/scrub-for-gpg-keys +++ b/scrub-for-gpg-keys @@ -1,52 +1,46 @@ #!/bin/bash -tmp_dir=$(mktemp -d) -trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT -mkfifo "${tmp_dir}/key-fifo" -if [ "x$1" = 'x-l' ]; then - sudo su http -s /bin/bash -c 'gpg --import' \ - < "${tmp_dir}/key-fifo" & +{ + { + find \ + /usr/src/archlinux/{packages,community}/ \ + /usr/src/archlinux32/packages/ \ + ~/eigeneSkripte/archPackages/ \ + -type f -name PKGBUILD \ + -exec sed -n ' + /^\s*validpgpkeys=.*)/p + /^\s*validpgpkeys=[^)]\+$/,/)/p + ' {} + 2>/dev/null \ + | sed ' + s/#.*$// + s/^\s*validpgpkeys=(// + s/).*$// + ' \ + | tr -d '" \t'"'" + curl -Ss 'https://archlinux32.org/key-wishlist' + } \ + | sort -u \ + | grep -x '[0-9a-fA-F]\{16,40\}' \ + | while read -r key_id; do + key=$(gpg -a --export "${key_id}" 2>/dev/null) + if [ -z "${key}" ]; then + /usr/src/skripte/gpg-safe-import/gpg-safe-import --recv-keys "${key_id}" + key=$(gpg -a --export "${key_id}" 2>/dev/null) + fi + if [ -z "${key}" ]; then + >&2 printf 'wish-list key "%s" is unknown\n' "${key_id}" + continue + fi + printf '%s\n' "${key}" + done + gpg --homedir /etc/pacman.d/gnupg -a --export +} \ +| if [ "x$1" = 'x-l' ]; then + sudo su http -s /bin/bash -c 'gpg --import' elif [ $# -ne 0 ]; then >&2 echo 'only valid parameter is "-l"' exit 1 else - ssh archlinux32 "sudo su http -s /bin/bash -c 'gpg --import'" \ - < "${tmp_dir}/key-fifo" & + ssh archlinux32 "sudo su http -s /bin/bash -c 'gpg --import'" fi - -{ - find \ - /usr/src/archlinux/{packages,community}/ \ - /usr/src/archlinux32/packages/ \ - ~/eigeneSkripte/archPackages/ \ - -type f -name PKGBUILD \ - -exec sed -n ' - /^\s*validpgpkeys=.*)/p - /^\s*validpgpkeys=[^)]\+$/,/)/p - ' {} + 2>/dev/null \ - | sed ' - s/#.*$// - s/^\s*validpgpkeys=(// - s/).*$// - ' \ - | tr -d '" \t'"'" - curl -Ss 'https://archlinux32.org/key-wishlist' -} \ -| sort -u \ -| grep -x '[0-9a-fA-F]\{16,40\}' \ -| while read -r key_id; do - key=$(gpg -a --export "${key_id}" 2>/dev/null) - if [ -z "${key}" ]; then - /usr/src/skripte/gpg-safe-import/gpg-safe-import --recv-keys "${key_id}" - key=$(gpg -a --export "${key_id}" 2>/dev/null) - fi - if [ -z "${key}" ]; then - >&2 printf 'wish-list key "%s" is unknown\n' "${key_id}" - continue - fi - printf '%s\n' "${key}" -done \ -> "${tmp_dir}/key-fifo" - -rm "${tmp_dir}/key-fifo" |