ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-12-25 22:08:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

guix-install.sh: Suggest what to do if fetching OpenPGP key(s) fails.

Browse source 
* etc/guix-install.sh (chk_gpg_keyring): Report an _err and set the
exit_flag if wget | gpg --import fails.
This commit is contained in:
Tobias Geerinckx-Rice 2022-10-16 02:00:04 +02:00
parent 9a0a786c25
commit 54c0b5c457
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79
1 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
etc/guix-install.sh
View file

@ -3,7 +3,7 @@
# Copyright © 2017 sharlatan <sharlatanus@gmail.com> # Copyright © 2017 sharlatan <sharlatanus@gmail.com>
# Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
# Copyright © 2018 Efraim Flashner <efraim@flashner.co.il> # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
# Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> # Copyright © 20192020, 2022 Tobias Geerinckx-Rice <me@tobias.gr>
# Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com> # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
# Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com> # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com>
# Copyright © 2020 Daniel Brooks <db48x@db48x.net> # Copyright © 2020 Daniel Brooks <db48x@db48x.net>
@ -137,23 +137,27 @@ chk_gpg_keyring()
gpg_key_id=${GPG_SIGNING_KEYS[$user_id]} gpg_key_id=${GPG_SIGNING_KEYS[$user_id]}
# Without --dry-run this command will create a ~/.gnupg owned by root on # Without --dry-run this command will create a ~/.gnupg owned by root on
# systems where gpg has never been used, causing errors and confusion. # systems where gpg has never been used, causing errors and confusion.
if ! gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then if gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then
continue
fi
if prompt_yes_no "${INF}The following OpenPGP public key is \ if prompt_yes_no "${INF}The following OpenPGP public key is \
required to verify the Guix binary signature: $gpg_key_id. required to verify the Guix binary signature: $gpg_key_id.
Would you like me to fetch it for you?"; then Would you like me to fetch it for you?"; then
# Use a reasonable time-out here so users don't report silent # Use a reasonable time-out here so users don't report silent
# freezes when Savannah goes out to lunch, as has happened. # freezes when Savannah goes out to lunch, as has happened.
wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ if wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \
--timeout=30 --no-verbose -O- | gpg --import - --timeout=30 --no-verbose -O- | gpg --import -; then
else continue
fi
fi
# If we reach this point, the key is (still) missing. Report further
# missing keys, if any, but then abort the installation.
_err "${ERR}Missing OpenPGP public key ($gpg_key_id). _err "${ERR}Missing OpenPGP public key ($gpg_key_id).
Fetch it with this command: Fetch it with this command:
wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -O - | \ wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -O - | \
sudo -i gpg --import -" sudo -i gpg --import -"
exit_flag=yes exit_flag=yes
fi
fi
done done
if [ "$exit_flag" = yes ]; then if [ "$exit_flag" = yes ]; then
exit 1 exit 1