Add the "GPGKEY" option to makepkg.conf for specifying signing packages with the non-default key from the keyring. Is overridded by makepkg's --key option. Signed-off-by: Allan McRae <allan@archlinux.org> --- doc/makepkg.8.txt | 5 +++-- doc/makepkg.conf.5.txt | 4 ++++ etc/makepkg.conf.in | 3 +++ scripts/makepkg.sh.in | 14 ++++++++------ 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/doc/makepkg.8.txt b/doc/makepkg.8.txt index 319e45c..85a7759 100644 --- a/doc/makepkg.8.txt +++ b/doc/makepkg.8.txt @@ -169,8 +169,9 @@ Options Do not create a signature for the package. *\--key* <key>:: - Specify a key to use when signing a packages. If not specified, the default - key from the keyring will be used. + Specify a key to use when signing a packages, overriding the GPGKEY setting + in linkman:makepkg.conf[5]. If not specified in either location, the + default key from the keyring will be used. *\--noconfirm*:: (Passed to pacman) Prevent pacman from waiting for user input before diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt index a9faa14..9d3ad0a 100644 --- a/doc/makepkg.conf.5.txt +++ b/doc/makepkg.conf.5.txt @@ -110,6 +110,10 @@ Options running in the DistCC cluster. In addition, you will want to modify your `MAKEFLAGS`. +**GPGKEY=**"":: + Specify a key to use for gpg signing instead of the default key in the + keyring. Can be overridden with makepkg's `--key` option. + **OPTIONS=(**strip !docs libtool emptydirs zipman**)**:: This array contains options that affect the default packaging. They are equivalent to options that can be placed in the PKGBUILD; the defaults are diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index c3b7cc0..9bfb5b9 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -54,6 +54,9 @@ BUILDENV=(fakeroot !distcc color !ccache check !sign) #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. #DISTCC_HOSTS="" +# +#-- Specify a key to use for package signing +#GPGKEY="" ######################################################################### # GLOBAL PACKAGE OPTIONS diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 36ac728..70d3cf3 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1116,8 +1116,8 @@ create_signature() { fi local SIGNWITHKEY="" - if [[ -n $SIGNKEY ]]; then - SIGNWITHKEY="-u ${SIGNKEY}" + if [[ -n $GPGKEY ]]; then + SIGNWITHKEY="-u ${GPGKEY}" fi # The signature will be generated directly in ascii-friendly format gpg --detach-sign --use-agent ${SIGNWITHKEY} "$filename" &>/dev/null || ret=$? @@ -1697,7 +1697,7 @@ while true; do -g|--geninteg) GENINTEG=1 ;; --holdver) HOLDVER=1 ;; -i|--install) INSTALL=1 ;; - --key) shift; SIGNKEY=$1 ;; + --key) shift; GPGKEY=$1 ;; -L|--log) LOGGING=1 ;; -m|--nocolor) USE_COLOR='n' ;; --nocheck) RUN_CHECK='n' ;; @@ -1727,6 +1727,7 @@ done [[ -n ${SRCPKGDEST} ]] && _SRCPKGDEST=$(canonicalize_path ${SRCPKGDEST}) [[ -n ${PKGEXT} ]] && _PKGEXT=${PKGEXT} [[ -n ${SRCEXT} ]] && _SRCEXT=${SRCEXT} +[[ -n ${GPGKEY} ]] && _GPGKEY=${GPGKEY} # default config is makepkg.conf MAKEPKG_CONF=${MAKEPKG_CONF:-$confdir/makepkg.conf} @@ -1792,6 +1793,7 @@ SRCPKGDEST=${SRCPKGDEST:-$startdir} #default to $startdir if undefined PKGEXT=${_PKGEXT:-$PKGEXT} SRCEXT=${_SRCEXT:-$SRCEXT} +GPGKEY=${_GPGKEY:-$GPGKEY} if (( HOLDVER )) && [[ -n $FORCE_VER ]]; then # The '\\0' is here to prevent gettext from thinking --holdver is an option @@ -1948,9 +1950,9 @@ if [[ -z "$SIGNPKG" && $(check_buildenv sign) == 'y' ]]; then SIGNPKG='y' fi if [[ $SIGNPKG == 'y' ]]; then - if ! gpg --list-key ${SIGNKEY} &>/dev/null; then - if [[ ! -z $SIGNKEY ]]; then - error "$(gettext "The key ${SIGNKEY} does not exist in your keyring.")" + if ! gpg --list-key ${GPGKEY} &>/dev/null; then + if [[ ! -z $GPGKEY ]]; then + error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")" else error "$(gettext "There is no key in your keyring.")" fi -- 1.7.4.4