summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Vogt <michael.vogt@ubuntu.com>2011-10-05 21:42:34 +0200
committerMichael Vogt <michael.vogt@ubuntu.com>2011-10-05 21:42:34 +0200
commitf180f39e94c189799b0a0668de801519a5a6108d (patch)
tree019af2ded959cb21b78cea4566433f8340eb8bf9
parent5f8f6b4eccf04b8f66274297b125a5e4cba6e228 (diff)
cmdline/apt-key: fix --check-sigs to ensure that the signature can verify and also add master keyring to ensure that we can actually verify the signature
-rwxr-xr-xcmdline/apt-key5
1 files changed, 2 insertions, 3 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key
index c522d54fe..9c7804d5b 100755
--- a/cmdline/apt-key
+++ b/cmdline/apt-key
@@ -63,12 +63,11 @@ add_keys_with_verify_against_master_keyring() {
# export the add keyring one-by-one
rm -f $TMP_KEYRING
- $GPG_CMD --keyring $ADD_KEYRING --export $add_key --output $TMP_KEYRING
-
+ $GPG_CMD --keyring $ADD_KEYRING --output $TMP_KEYRING --export $add_key
# check if signed with the master key and only add in this case
ADDED=0
for master_key in $master_keys; do
- if $GPG_CMD --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep ^sig | cut -d: -f5 | grep -q $master_key; then
+ if $GPG_CMD --keyring $MASTER_KEYRING --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep '^sig:!:' | cut -d: -f5 | grep -q $master_key; then
$GPG --import $TMP_KEYRING
ADDED=1
fi