commit: 920909aaa68421f2999c4bb5c917a9b6274504fa Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org> AuthorDate: Thu Jan 1 21:15:21 2015 +0000 Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org> CommitDate: Thu Jan 1 21:15:21 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=920909aa
gkeys: update gkeys.conf --- gkeys/etc/gkeys.conf | 48 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 32 insertions(+), 16 deletions(-) diff --git a/gkeys/etc/gkeys.conf b/gkeys/etc/gkeys.conf index d9a42c0..e30d804 100644 --- a/gkeys/etc/gkeys.conf +++ b/gkeys/etc/gkeys.conf @@ -15,30 +15,38 @@ keyserver: pool.sks-keyservers.net gkeysdir: /var/lib/gentoo/gkeys -# keyring: The directory where the official keyring with the specified keys -# will be exported. +# default user home directory +homedir: ~ + + +# user gkey directory +user-dir = %(homedir)s/gkeys-user + + +# base keyring dir keyring: %(gkeysdir)s/keyrings -# The default keyring to use +# The default keyring, nick to use # for verification if not specified verify-keyring: gentoo +verify-nick: gkeys # Base directory to use as the path prefix to use # for the signing capable keyrings, keyring settings # eg: '/' for root if absolute paths are used for homedir, keyring # eg: %(gkeysdir)s if using relative paths -sign-keydir: %(gkeysdir)s/sign +sign-keydir: %(keyring)s/sign -# seedsdir: The directory for all seed files +# seedsdir: base directory for all seed files # used when searching all seed files. seedsdir: %(gkeysdir)s/seeds # logfile directory -logdir: /var/log/gkeys +logdir: %(gkeysdir)s/logs [permissions] @@ -48,7 +56,7 @@ logdir: /var/log/gkeys directories: 0o775 #umask setting (octal) -files: 0o002 +files: 0o022 [seeds] @@ -62,14 +70,24 @@ files: 0o002 gentoo: %(seedsdir)s/gentoo.seeds gentoo-devs: %(seedsdir)s/gentoo-devs.seeds +# Add sign here for ability to choose as a category +# but leave the value blank to prevent accidental changes +# this subdir directory is where you would copy your gpghome directories to +# after creating your key with gkey-gen. Name them the same as the nick you use. +#sign: + [seedurls] # Use the filenames as the keys. # The will be paired to the seed file of the same name for fetching, updating +# category = category or seedfile name +# eg: category: url gentoo: https://api.gentoo.org/gentoo-keys/seeds/gentoo.seeds gentoo-devs: https://api.gentoo.org/gentoo-keys/seeds/gentoo-devs.seeds +#sign: + [verify-seeds] @@ -79,24 +97,22 @@ gentoo-devs: https://api.gentoo.org/gentoo-keys/seeds/gentoo-devs.seeds gentoo: gentoo gkeys gentoo-devs: gentoo gkeys +#sign: + [sign] # GKEY nick used for verification of seeds and other gkey files -#nick = foo - +nick = # The home or key directory to use for signing files -#keydir: foo - +keydir: # keyring to use if not the default -# keyring: bar - +#keyring: # The key fingerprint to use for signing -# key: 0x01234567891012345 - +key: # the gpg signature option to use for signing -# type: detach-sign +type: detach-sign
