X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plc.d%2Fgpg;h=48c643e4b67d80f90af52e77cff0964badd79ccd;hb=c397708d9e9a3a2dbb80856630ace4da0af85e7a;hp=23a186077118cbc0ed3b53bbcd2f318769e384e3;hpb=2f1d4a44f2c6b3d5118befab1152cbb8e5f41d1e;p=myplc.git

diff --git a/plc.d/gpg b/plc.d/gpg
index 23a1860..48c643e 100755
--- a/plc.d/gpg
+++ b/plc.d/gpg
@@ -7,7 +7,7 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2006 The Trustees of Princeton University
 #
-# $Id: gpg,v 1.3 2006/05/08 18:16:33 mlhuang Exp $
+# $Id: gpg,v 1.5 2006/05/17 22:52:09 mlhuang Exp $
 #
 
 # Source function library and configuration
@@ -47,49 +47,51 @@ EOF
 	    mknod /dev/random c 1 8
 	    chmod 644 $PLC_ROOT_GPG_KEY_PUB
 	    chmod 600 $PLC_ROOT_GPG_KEY
-
-	    result "$MESSAGE"
 	else
 	    # Update GPG UID
 	    MESSAGE=$"Updating GPG keys"
 	    dialog "$MESSAGE"
 
-	    # Get the current GPG fingerprint
-	    fingerprint=$PLC_MAIL_SUPPORT_ADDRESS
-	    (
-		IFS=:
-		while read -a fields ; do
-		    if [ "${fields[0]}" = "pub" ] ; then
-			fingerprint=${fields[4]}
-			break
-		    fi
-		done < <(
-		    gpg --homedir=/root --no-tty --yes \
-			--no-default-keyring --keyring $PLC_ROOT_GPG_KEY_PUB --secret-keyring $PLC_ROOT_GPG_KEY \
-			--list-public-keys --with-colons
-		    check
-		)
+	    # Get the current GPG fingerprint and comment
+	    OLDIFS=$IFS
+	    IFS=:
+	    while read -a fields ; do
+		if [ "${fields[0]}" = "pub" ] ; then
+		    fingerprint=${fields[4]}
+		    break
+		fi
+	    done < <(
+		gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
+		    --list-public-keys --with-colons
+		check
 	    )
+	    IFS=$OLDIFS
 
-	    # GPG UIDs cannot and should not normally be changed, but
-	    # since we do not certify signatures, we can effectively
-	    # change it by adding a new one and deleting the old one.
-	    gpg --homedir=/root --no-tty --yes \
-		--no-default-keyring --keyring $PLC_ROOT_GPG_KEY_PUB --secret-keyring $PLC_ROOT_GPG_KEY \
+	    # Add a new UID if appropriate. GPG will detect and merge duplicates.
+	    gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
 		--command-fd 0 --status-fd 1 --edit-key $fingerprint <<EOF
 adduid
 $PLC_NAME Central
 $PLC_MAIL_SUPPORT_ADDRESS
 http://$PLC_WWW_HOST/
-uid 1
-deluid
-y
 save
 EOF
 	    check
+	fi
 
-	    result "$MESSAGE"
+	# Install the key in the RPM database
+	mkdir -p /etc/pki/rpm-gpg
+	gpg --homedir=/etc/planetlab --no-permission-warning --no-tty --yes \
+	    --export --armor >"/etc/pki/rpm-gpg/RPM-GPG-KEY-$PLC_NAME"
+	check
+	if rpm -q gpg-pubkey ; then
+	    rpm --allmatches -e gpg-pubkey
+	    check
 	fi
+	rpm --import /etc/pki/rpm-gpg/*
+	check
+
+	result "$MESSAGE"
 	;;
 esac