when checking whether or not a file needs to be reencrypted, some
extraneous lines might get output, causing the list of keys to always be
different from what is present in .gpg-id, leading some commands to
always reencrypt files.
To ensure that we get what we want, we need to filter output for lines
formatted like what we expect to parse.
---
src/password-store.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/password-store.sh b/src/password-store.sh
index ea63880..f5ba9d4 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -125,7 +125,7 @@ reencrypt_path() {
done
gpg_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS
--list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n
's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p'
| LC_ALL=C sort -u)"
fi
- current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v
--no-secmem-warning --no-permission-warning --decrypt --list-only
--keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
+ current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v
--no-secmem-warning --no-permission-warning --decrypt --list-only
--keyid-format long "$passfile" 2>&1 | grep "^gpg: public key is" | cut -d ' '
-f 5 | LC_ALL=C sort -u)"
if [[ $gpg_keys != "$current_keys" ]]; then
echo "$passfile_display: reencrypting to
${gpg_keys//$'\n'/ }"
--
2.11.0
_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store
