Hallo, Dan McGee:
On Thu, Jun 23, 2011 at 2:36 AM, Wieland Hoffmann <themineo@googlemail.com> wrote:
+ echo "$(gettext "NOT FOUND")" >&2 + errors=1 + found=0 + fi + + if (( found )); then + if ! gpg --quiet --batch --verify "$file" 2> /dev/null; then + echo "$(gettext "Verification failed")" >&2 Any need to eat stderr? If things only show up in exceptional cases, I'd rather it come through.
After looking at this more thorougly it seems like ALL output will appear on stderr [0]. I think it's a good idea to eat stderr here and instead use --status-file to save status messages in a temporary file and then grep for one of EXPSIG, EXPKEYSIG or REVKEYSIG (yes, gpg exits with status 0 even if the key that signed something has been revoked)[1] and exit immediately with an error message. Any objections? [0] http://lists.gnupg.org/pipermail/gnupg-users/2010-November/039821.html [1] http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=2... -- Wieland / Mineo