+
+ # Install the key in the RPM database
+ mkdir -p /etc/pki/rpm-gpg
+ gpg --homedir=$homedir --no-permission-warning --batch --no-tty --yes \
+ --no-default-keyring \
+ --secret-keyring=$PLC_ROOT_GPG_KEY \
+ --keyring=$PLC_ROOT_GPG_KEY_PUB \
+ --export --armor >"/etc/pki/rpm-gpg/RPM-GPG-KEY-$PLC_NAME"
+ check
+ if rpm -q gpg-pubkey ; then
+ rpm --allmatches -e gpg-pubkey
+ check
+ fi
+ # starting with rpm-4.6, this fails when run a second time
+ # it would be complex to do this properly based on the filename,
+ # as /etc/pki/rpm-gpg/ typically has many symlinks to the same file
+ # see also http://fedoranews.org/tchung/gpg/
+ # so just ignore the result
+ rpm --import /etc/pki/rpm-gpg/* || :
+ check
+
+ # Make GPG key readable by apache so that the API can sign peer requests
+ chown apache $PLC_ROOT_GPG_KEY
+ chmod 644 $PLC_ROOT_GPG_KEY_PUB
+ chmod 600 $PLC_ROOT_GPG_KEY
+ check
+
+ # Cleanup
+ rm -rf $homedir
+
+ result "$MESSAGE"