On Thu, Sep 16, 2010 at 12:40 AM, Denis A. Altoé Falqueto email@example.com wrote:
The script pacman-key will manage pacman's keyring. It imports, exports, fetches from keyservers, helps in the process of trusting and updates the trust database.
Signed-off-by: Denis A. Altoé Falqueto firstname.lastname@example.org
Allan, I'm thinking in change some parts of this patch. I've seen you already applied to your git repository, so should I send the patch all again or should I send a "patch to the patch"?
I want to do two things:
1. the --add command should behave just like gpg, importing from stdin when there's no files specified. I'm struggling with parameter expansion, but I'll figure the correct way soon :)
2. the --reload option could be enhanced for the following scenario: Let's say an active developer leaves the project. So, his key must be put on the list of removed keys. But he has a personal repository that lots of people use and he signs his packages too. The current behavior would delete his key from the keyring and the user would need to manually add it every time the --reload option is run.
We could have an option in pacman.conf that indicates which keys must be kept, even if in the list of removed keys. For example, an option called HoldKeys, in the same spirit of HoldPkg.
Do you agree with the need and solution?