base="${base}/scripts/builddkeyrings"
INCOMING="${base}/incoming"
ERRORS="${base}/errors"
-ADMINS="${base}/admins"
+ADMINS="${base}/adminkeys.gpg"
# Default options for our gpg calls
DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting"
file=${file##*/}
# First we want to see if we recognize the filename. The buildd people have
# to follow a certain schema:
- # architecture_builddname.YEAR-MONTH-DAY_HOUR:MINUTE.key
- if [[ $file =~ (.*)_(.*).([0-9]{4}-[0-9]{2}-[0-9]{2}_[0-9]{2}:[0-9]{2}).key ]]; then
+ # architecture_builddname.YEAR-MONTH-DAY_HOURMINUTE.key
+ if [[ $file =~ (.*)_(.*).([0-9]{4}-[0-9]{2}-[0-9]{2}_[0-9]{2}[0-9]{2}).key ]]; then
ARCH=${BASH_REMATCH[1]}
BUILDD=${BASH_REMATCH[2]}
# Right now timestamp is unused
exec 5> "${GPGLOGS}"
# So lets run gpg, status/logger into the two files, to "decrypt" the keyfile
- if ! gpg ${DEFGPGOPT} --keyring "${ADMINS}/${ARCH}.gpg" --status-fd 4 --logger-fd 5 --decrypt "${INCOMING}/${file}" > "${GPGOUTF}"; then
+ if ! gpg ${DEFGPGOPT} --keyring "${ADMINS}" --status-fd 4 --logger-fd 5 --decrypt "${INCOMING}/${file}" > "${GPGOUTF}"; then
ret=$?
log "gpg returned with ${ret}, not adding key from file ${file}"
DATE=$(date -Is)
# We need to check for the amount of keys
ARCHKEYRING="${base}/${ARCH}/keyring.gpg"
- KEYNO=$(gpg ${DEFGPGOPT} --keyring "${ARCHKEYRING}" --with-colons --list-keys "buildd_${ARCH}-${BUILDD}@buildd.debian.org" | grep -c '^pub:')
+ KEYNO=$(gpg ${DEFGPGOPT} --keyring "${ARCHKEYRING}" --with-colons --list-keys "buildd_${ARCH}-${BUILDD}@buildd.debian.org" | grep -c '^pub:' || /bin/true )
if [ ${KEYNO} -gt 2 ]; then
DATE=$(date -Is)
mv "${INCOMING}/${file}" "${ERRORS}/toomany.${file}.${DATE}"
projects / dak.git / blobdiff