[pacman-dev] [PATCH 1/4] pacman-key: lsign keys in --populate without prompting

Pierre Schmitz pierre at archlinux.de
Sun Mar 25 08:10:39 EDT 2012

There is no gain in security when we ask the user to type in "y" on every
single key. It also makes scripting harder.

Signed-off-by: Pierre Schmitz <pierre at archlinux.de>
 scripts/pacman-key.sh.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 482b56d..32c70dc 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -275,7 +275,7 @@ populate_keyring() {
 		msg "$(gettext "Locally signing trusted keys in keyring...")"
 		for key_id in "${!trusted_ids[@]}"; do
 			msg2 "$(gettext "Locally signing key %s...")" "${key_id}"
-			"${GPG_PACMAN[@]}" --quiet --lsign-key "${key_id}"
+			"${GPG_PACMAN[@]}" --quiet --batch --yes --lsign-key "${key_id}"
 		msg "$(gettext "Importing owner trust values...")"
 		for keyring in "${KEYRINGIDS[@]}"; do

More information about the pacman-dev mailing list