From 4706c835140a29b6f1094ed96689e79aa0f5b702 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 25 Jul 2021 21:55:11 +0200 Subject: Support fetching remote keys from keyserver in container key command. Signed-off-by: Daniel Baumann --- libexec/container/key | 9 +++++++-- share/man/container-key.1.rst | 23 +++++++++++++++++++++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/libexec/container/key b/libexec/container/key index 4cc62dc..6c9c8c1 100755 --- a/libexec/container/key +++ b/libexec/container/key @@ -76,7 +76,7 @@ Parameters () Usage () { - echo "Usage: ${PROGRAM} ${COMMAND} [-a|--add KEY] [-l|--list] [-r|--remove KEY]" >&2 + echo "Usage: ${PROGRAM} ${COMMAND} [-a|--add KEY_FILE|KEY_ID] [-l|--list] [-r|--remove KEY|KEY_ID]" >&2 exit 1 } @@ -140,7 +140,12 @@ fi case "${ACTION}" in add) - gpg --homedir "${KEYS}" --import "${ADD}" + if [ -e "${ADD}" ] + then + gpg --homedir "${KEYS}" --import "${ADD}" + else + gpg --homedir "${KEYS}" --recv "${ADD}" + fi ;; list) diff --git a/share/man/container-key.1.rst b/share/man/container-key.1.rst index 1eddce3..d21956a 100644 --- a/share/man/container-key.1.rst +++ b/share/man/container-key.1.rst @@ -44,7 +44,7 @@ Options The following **container key** options are available: --a, --add='KEY': +-a, --add='KEY_FILE|KEY_ID': Add a key to the keyring. -l, --list': @@ -56,15 +56,34 @@ The following **container key** options are available: Examples ======== -Add a key to the keyring: +Add a key to the keyring manually: gpg --keyserver hkps://keys.openpgp.org --recv 0x55CF1BF986ABB9C7 gpg --armor --export 0x55CF1BF986ABB9C7 | sudo container key --add - +Assisted adding of the same key: + + sudo container key --add 0x55CF1BF986ABB9C7 + Remove a key from the keyring: sudo container key --remove 0x55CF1BF986ABB9C7 +List keys in the keyring: + + sudo container key --list + +Files +===== + +The following files are used: + +/etc/compute-tools/keys: + Active container keyring. + +/usr/share/compute-tools/keys: + Inactive container keyring library. + See also ======== -- cgit v1.2.3