summaryrefslogtreecommitdiff
path: root/global/post-tasks.d/015cosmos-trust
diff options
context:
space:
mode:
authorFredrik Thulin <fredrik@thulin.net>2014-05-26 12:25:09 +0200
committerFredrik Thulin <fredrik@thulin.net>2014-05-26 12:25:09 +0200
commit288276144724476f0ed6b716fea8b512f46b68e6 (patch)
tree71a341359de603632f4d6d3f5f29b376fd532d5b /global/post-tasks.d/015cosmos-trust
parentb4b1247f99d5daf07b2a8dca45c8dcac63e8ba55 (diff)
Diffstat (limited to 'global/post-tasks.d/015cosmos-trust')
-rwxr-xr-xglobal/post-tasks.d/015cosmos-trust7
1 files changed, 5 insertions, 2 deletions
diff --git a/global/post-tasks.d/015cosmos-trust b/global/post-tasks.d/015cosmos-trust
index 447d875..5c3359b 100755
--- a/global/post-tasks.d/015cosmos-trust
+++ b/global/post-tasks.d/015cosmos-trust
@@ -4,12 +4,15 @@ if [ -z "$COSMOS_KEYS" ]; then
COSMOS_KEYS=/etc/cosmos/keys
fi
+# Install new keys discovered in the $COSMOS_KEYS directory
for k in $COSMOS_KEYS/*.pub; do
fp=`cosmos gpg --with-colons --with-fingerprint < $k| awk -F: '$1 == "pub" {print $5}'`
- cosmos gpg --with-colons --fingerprint | grep -q ":$fp:" || cosmos gpg --import < $k
+ # The removal of any ^pub:e: entrys means to ignore expired keys - thereby importing them again.
+ cosmos gpg --with-colons --fingerprint | grep -v "^pub:e:" | grep -q ":$fp:" || cosmos gpg --import < $k
done
-for fp in `cosmos gpg --with-colons --fingerprint | awk -F: '$1 == "pub" {print $5}'`; do
+# Delete keys no longer present in $COSMOS_KEYS directory
+for fp in `cosmos gpg --with-colons --fingerprint | awk -F: '$1 == "pub" {print $5 }'`; do
seen="no"
for k in $COSMOS_KEYS/*.pub; do
cosmos gpg --with-colons --with-fingerprint < $k | grep -q ":$fp:" && seen="yes"