Hi, the problem you have is that you mix commands on the command line and those from stdin. If you replace
$ printf "10w\nsave\n" | gpg --batch --passphrase-fd 3 \ --command-fd 0 --status-fd=2 --edit-key [email protected] expire 3<pw by $ printf "expire\n10w\nsave\n" | gpg --batch --passphrase-fd 3 \ --command-fd 0 --status-fd=2 --edit-key [email protected] 3<pw it will work as you expect. Reading commands from the command line is kludge which allows to implement --sign-key easily. Commands from the command line are read and evaluated before reading commands from stdin. Now, the definition of --batch is that no user input is required. Thus it will terminate gpg immediately when there are no more commands from the command line. I agree that the mix of --command-fd and --batch is not very clean. Changing this behaviour would for sure break some existing code. Using this batched commands is in any case not a good idea, because you never know what gpg wants to know from you. The very first version of GPA was implemented only with batched commands and thus stopped working for any more complicated keys. The current version of GPA uses a FSM to provide default answers to unknown prompts and thus keeps on working even with slightly changed --edit-key interface. A word of warning in the man page would be a could idea; however the entire interface is not very well documented I fear. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
