gpg --lsign-key does not like being given multiple keys to sign.
Signed-off-by: Allan McRae <[email protected]>
---
scripts/pacman-key.sh.in | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index e5b6021..d2389b0 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -301,7 +301,6 @@ populate_keyring() {
if (( ${#trusted_ids[@]} > 0 )); then
msg "$(gettext "Locally signing trusted keys in keyring...")"
for key_id in "${!trusted_ids[@]}"; do
- msg2 "$(gettext "Locally signing key %s...")"
"${key_id}"
lsign_keys "${key_id}"
done
msg "$(gettext "Importing owner trust values...")"
@@ -440,10 +439,19 @@ list_sigs() {
lsign_keys() {
check_keyids_exist
- # we cannot use --yes here as gpg would still ask for confirmation if a
key has more than one uid
- printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet
--batch --lsign-key "$@" 2>/dev/null
- if (( PIPESTATUS[1] )); then
- error "$(gettext "A specified key could not be locally
signed.")"
+
+ local ret=0
+ for key_id in "$@"; do
+ msg2 "$(gettext "Locally signing key %s...")" "${key_id}"
+ # we cannot use --yes here as gpg would still ask for
confirmation if a key has more than one uid
+ printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0
--quiet --batch --lsign-key "${key_id}" 2>/dev/null
+ if (( PIPESTATUS[1] )); then
+ error "$(gettext "%s could not be locally signed.")"
"${key_id}"
+ ret=1
+ fi
+ done
+
+ if (( ret )); then
exit 1
fi
}
--
1.7.11
