On 4/11/19 3:14 am, Matthew Sexton wrote:
To cut down on spam during --populate, both locally signing and revoking keys now hide the specific keys being signed or revoked, but can be shown with --verbose. A count was added, to show the number of keys signed/revoked during the process.
Typo in commit subject - hid -> hide. Also change "spam" to output.
This commit closes: FS#64142 - pacman-key: make populate less noisy
There is an addition comment in the bug: "Additionally, we should consider only counting keys to be disabled that are not currently disabled. Same with lsign key." So, partially implements FS#64142. Minor comment below.
Signed-off-by: Matthew Sexton <wsdmatty@gmail.com> --- scripts/pacman-key.sh.in | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index a59dba52..4eea248b 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -334,11 +334,16 @@ populate_keyring() { done
if (( ${#revoked_ids[@]} > 0 )); then + local key_count=0 msg "$(gettext "Disabling revoked keys in keyring...")" for key_id in "${!revoked_ids[@]}"; do - msg2 "$(gettext "Disabling key %s...")" "${key_id}" + key_count=$((key_count+1))
Putting the key counting at the end would be useful if in the future we detect those keys already disabled and don't re-disable them.
+ if (( VERBOSE )); then + msg2 "$(gettext "Disabling key %s...")" "${key_id}" + fi printf 'disable\nquit\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --edit-key "${key_id}" 2>/dev/null done + msg2 "$(gettext "Disabled %s keys.")" "${key_count}" fi }
@@ -447,19 +452,24 @@ lsign_keys() { check_keyids_exist
local ret=0 + local key_count=0 for key_id in "$@"; do - msg2 "$(gettext "Locally signing key %s...")" "${key_id}" + if (( VERBOSE )); then + msg2 "$(gettext "Locally signing key %s...")" "${key_id}" + fi # we cannot use --yes here as gpg would still ask for confirmation if a key has more than one uid printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${key_id}" 2>/dev/null if (( PIPESTATUS[1] )); then error "$(gettext "%s could not be locally signed.")" "${key_id}" ret=1 fi + key_count=$((key_count+1)) done
if (( ret )); then exit 1 fi + msg2 "$(gettext "Locally signed %s keys.")" "${key_count}" }
receive_keys() {