[pacman-dev] [PATCH 2/2] pacman-key: avoid use of tempfile in verify_sig

Dave Reisner dreisner at archlinux.org
Sun Apr 8 14:13:45 EDT 2012


Use --status-fd rather than --status-file to keep this contained in a
pipeline.

Signed-off-by: Dave Reisner <dreisner at archlinux.org>
---
 scripts/pacman-key.sh.in |    6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 1a2bac3..87d7658 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -439,14 +439,10 @@ refresh_keys() {
 }
 
 verify_sig() {
-	local fd="$(mktemp)"
-	"${GPG_PACMAN[@]}" --status-file "${fd}" --verify $SIGNATURE
-	if ! grep -qE 'TRUST_(FULLY|ULTIMATE)' "${fd}"; then
-		rm -f "${fd}"
+	if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify $SIGNATURE | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
 		error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE"
 		exit 1
 	fi
-	rm -f "${fd}"
 }
 
 updatedb() {
-- 
1.7.10



More information about the pacman-dev mailing list