On 19/07/11 11:06, Dan McGee wrote:
Add code to conf.c that parses the new SigLevel directive. An
overwhelming number of options are presented, but most users will still
be fine with the Never/Optional/Required trio. More advanced users can
combine these or any of the other options on a 'SigLevel = ' line, which
is parsed in a left-to-right fashion and flags turned on and off
accordingly. For example, all three of these will net the same config:
SigLevel = Required PackageOptional
SigLevel = Optional DatabaseRequired
SigLevel = DatabaseRequired PackageOptional
Additionally, database-specific lines assume you wish to start with any
global default that has been set. For example, if any of the above lines
were in the [options] section, something such as:
SigLevel = PackageRequired PackageAllowMarginal
Would continue to enforce required database signatures.
Inspiration-by: Kerrick Staley<[email protected]>
Signed-off-by: Dan McGee<[email protected]>
---
Signed-off-by: Allan
Tested with the following in my pacman.conf
[options]
SigLevel = Optional (also with this commented out)
[allanbrokeit]
SigLevel = Required
[kernel64]
SigLevel = DatabaseRequired
(Arch repos without SigLevel specified)
Everything seems to work as expected. The [allanbrokeit] repo gives all
sorts of failures without signatures and the [kernel64] repo failed when
there was no repo signature but is happy about the lack of package
signatures within the repo.
Allan
