This allows new signatures to be pulled, revocations to be found, etc.
Signed-off-by: Dan McGee <[email protected]>
---
doc/pacman-key.8.txt | 3 +++
scripts/pacman-key.sh.in | 11 ++++++++---
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
index 824f0b3..5f94728 100644
--- a/doc/pacman-key.8.txt
+++ b/doc/pacman-key.8.txt
@@ -90,6 +90,9 @@ Options
*-r, \--recv-keys* <keyid(s)>::
Equivalent to '\--recv-keys' in GnuPG.
+*\--refresh-keys* [keyid(s)]::
+ Equivalent to '\--refresh-keys' in GnuPG.
+
*\--populate* [keyring(s)]::
Reload the default keys from the (optionally provided) keyrings in
+{pkgdatadir}/keyrings+. For more information, see
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index ce95f5d..91a2559 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -41,6 +41,7 @@ LISTSIGS=0
LSIGNKEY=0
POPULATE=0
RECEIVE=0
+REFRESH=0
UPDATEDB=0
VERIFY=0
@@ -81,6 +82,7 @@ usage() {
echo "$(gettext " --lsign-key <keyid> Locally sign the specified
keyid")"
printf "$(gettext " --populate [keyring(s)] Reload the default keys
from the (given) keyrings\n\
in '%s'")\n" "@pkgdatadir@/keyrings"
+ echo "$(gettext " --refresh-keys [keyid(s)] Update specified or all
keys from a keyserver")"
}
version() {
@@ -363,7 +365,8 @@ fi
OPT_SHORT="a::d:e:f::hl::r:uv:V"
OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
OPT_LONG+=",help,import:,import-trustdb:,init,list-keys::,list-sigs::"
-OPT_LONG+=",lsign-key:,populate::,recv-keys:,updatedb,verify:,version"
+OPT_LONG+=",lsign-key:,populate::,recv-keys:,refresh-keys::,updatedb"
+OPT_LONG+=",verify:,version"
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
echo; usage; exit 1 # E_INVALID_OPTION;
fi
@@ -393,6 +396,7 @@ while true; do
--lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] &&
shift && KEYRINGIDS=($1); UPDATEDB=1 ;;
-r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;;
+ --refresh-keys) REFRESH=1; [[ -n $2 && ${2:0:1} != "-" ]] &&
shift && KEYIDS=($1) ;;
-u|--updatedb) UPDATEDB=1 ;;
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;;
@@ -411,7 +415,7 @@ if ! type -p gpg >/dev/null; then
exit 1
fi
-if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT ||
LSIGNKEY || POPULATE || RECEIVE || UPDATEDB) && EUID != 0 )); then
+if (( (ADD || DELETE || EDITKEY || IMPORT || IMPORT_TRUSTDB || INIT ||
LSIGNKEY || POPULATE || RECEIVE || REFRESH || UPDATEDB) && EUID != 0 )); then
error "$(gettext "%s needs to be run as root for this operation.")"
"pacman-key"
exit 1
fi
@@ -434,7 +438,7 @@ fi
# check only a single operation has been given
# don't include UPDATEDB in here as other opts can induce it
numopt=$(( ADD + DELETE + EDITKEY + EXPORT + FINGER + IMPORT + IMPORT_TRUSTDB +
- INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE +
VERIFY ))
+ INIT + LISTKEYS + LISTSIGS + LSIGNKEY + POPULATE + RECEIVE +
REFRESH + VERIFY ))
case $numopt in
0)
@@ -466,6 +470,7 @@ esac
(( LSIGNKEY )) && "${GPG_PACMAN[@]}" --lsign-key "${KEYIDS[@]}"
(( POPULATE )) && populate_keyring
(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}"
+(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}"
(( VERIFY )) && "${GPG_PACMAN[@]}" --verify $SIGNATURE
if (( UPDATEDB )); then
--
1.7.6
