X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Fimport_keyring.py;h=602eb3744fb4334ad962a99007e347e271c517eb;hb=2b4d5bf75e28a6b5fa5afbd58defdf661c893033;hp=25f72e401d1450a17c3cd9834201180ae145b93b;hpb=a10398019d83fb13fbe230c944ed51470a35df34;p=dak.git diff --git a/dak/import_keyring.py b/dak/import_keyring.py index 25f72e40..602eb374 100755 --- a/dak/import_keyring.py +++ b/dak/import_keyring.py @@ -173,7 +173,6 @@ def usage (exit_code=0): -h, --help show this help and exit. -L, --import-ldap-users generate uid entries for keyring from LDAP -U, --generate-users FMT generate uid entries from keyring as FMT""" - -D, --debian-maintainer mark generated uids as debian-maintainers sys.exit(exit_code) @@ -186,8 +185,7 @@ def main(): Arguments = [('h',"help","Import-Keyring::Options::Help"), ('L',"import-ldap-users","Import-Keyring::Options::Import-Ldap-Users"), ('U',"generate-users","Import-Keyring::Options::Generate-Users", "HasArg"), - ('D',"debian-maintainer","Import-Keyring::Options::Debian-Maintainer"), - ] + ] for i in [ "help", "report-changes", "generate-users", "import-ldap-users" ]: if not Cnf.has_key("Import-Keyring::Options::%s" % (i)): @@ -224,6 +222,11 @@ def main(): keyringname = keyring_names[0] keyring = Keyring(keyringname) + is_dm = "false" + if Cnf.has_key("Import-Keyring::"+keyringname+"::Debian-Maintainer"): + projectB.query("UPDATE keyrings SET debian_maintainer = '%s' WHERE name = '%s'" % (Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"], keyringname.split("/")[-1])) + is_dm = Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"] + keyring_id = database.get_or_set_keyring_id( keyringname.split("/")[-1]) @@ -270,11 +273,6 @@ def main(): # For the keys in this keyring, add/update any fingerprints that've # changed. - # Determine if we need to set the DM flag - is_dm = "no" - if Cnf("Import-Keyring::Options::Debian-Maintainer"): - is_dm = "yes" - for f in fpr: newuid = fpr[f][0] newuiduid = db_uid_byid.get(newuid, [None])[0] @@ -284,9 +282,9 @@ def main(): if oldfid == -1: changes.append((newuiduid, "Added key: %s" % (f))) if newuid: - projectB.query("INSERT INTO fingerprint (fingerprint, uid, keyring, debian_maintainer) VALUES ('%s', %d, %d, %s)" % (f, newuid, keyring_id, is_dm)) + projectB.query("INSERT INTO fingerprint (fingerprint, uid, keyring) VALUES ('%s', %d, %d)" % (f, newuid, keyring_id)) else: - projectB.query("INSERT INTO fingerprint (fingerprint, keyring) VALUES ('%s', %d, %s)" % (f, keyring_id, is_dm)) + projectB.query("INSERT INTO fingerprint (fingerprint, keyring) VALUES ('%s', %d)" % (f, keyring_id)) else: if newuid and olduid != newuid: if olduid != -1: @@ -298,7 +296,12 @@ def main(): projectB.query("UPDATE fingerprint SET uid = %d WHERE id = %d" % (newuid, oldfid)) if oldkid != keyring_id: - projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid)) + # Only change the keyring if it won't result in a loss of permissions + q = projectB.query("SELECT debian_maintainer FROM keyrings WHERE id = '%d'" % (keyring_id)) + if is_dm == "false" and q.getresult()[0][0] == 'f': + projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid)) + else: + print "Key %s exists in both DM and DD keyrings. Not demoting." % (f) # All done!