author | Robin H. Johnson <robbat2@gentoo.org> | 2019-05-04 12:24:35 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2019-05-04 12:24:35 -0700 |
commit | 39b69cb7d63d14f2816fd864eb60595680cfc94a (patch) | |
tree | a8a13da36db2a548e425307e5fbbfcc19561ff17 /keyrings.inc.bash | |
parent | keyrings: export filename should not be passed as a key! (diff) | |
keyrings: check for any change before renaming new dump
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'keyrings.inc.bash')
-rw-r--r-- | keyrings.inc.bash | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/keyrings.inc.bash b/keyrings.inc.bash
index 54f0e8c..2b5ad9a 100644
--- a/keyrings.inc.bash
+++ b/keyrings.inc.bash
@@ -83,13 +83,27 @@ export_keys() {
 # 'gpg --export' returns zero if there was no error with the command itself
 # If there are no keys in the export set, then it ALSO does not write the destination file
 # and prints 'gpg: WARNING: nothing exported' to stderr
- if gpg --output "$TMP" --export "${@}" && test -s "${TMP}"; then
- chmod a+r "${TMP}"
- mv "${TMP}" "${DST}"
- else
- echo "Unable to export keys to $DST"
+ if ! gpg --output "$TMP" --export "${@}"; then
+ echo "Unable to export keys to $DST: GPG returned non-zero"
+ exit 1
+ fi
+ if ! test -s "${TMP}"; then
+ echo "Unable to export keys to $DST: GPG returned zero but generated empty file"
 exit 1
 fi
+ # We have a non-empty output now!
+ # Capture it in a textual format that can be compared for changes, but make sure it exports correctly
+ if ! gpg --list-packets "${TMP}" >"${TMP}.packets.txt"; then
+ echo "Unable to export keys to $DST: GPG failed to list packets"
+ exit 1
+ fi
+ # Check if the textual format has changed at all, and emit the new version
+ # if there are ANY changes at all.
+ if ! cmp -s "${DST}.packets.txt" "${TMP}.packets.txt"; then
+ chmod a+r "${TMP}"
+ mv -f "${TMP}" "${DST}"
+ mv -f "${TMP}.packets.txt" "${DST}.packets.txt"
+ fi
 }
 # populate common variables |
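Review bot: The two `mv -f` calls in the final `if ! cmp -s …` block are unchecked, and their order leaves a silent failure mode. If the first move fails but the second succeeds, `${DST}.packets.txt` describes the new export while `${DST}` still holds the old keyring, so every later run compares equal and never replaces it. For a published keyring that means revoked or removed keys stop propagating with no message. Unless the including script runs under `set -e` (not visible here), chain the moves and fail loudly: `mv -f "${TMP}" "${DST}" && mv -f "${TMP}.packets.txt" "${DST}.packets.txt" || { echo "Unable to install $DST" >&2; exit 1; }`. The unchanged path also leaves `${TMP}` and `${TMP}.packets.txt` behind, which an `else rm -f "${TMP}" "${TMP}.packets.txt"` branch would tidy up; `export_keys` begins above the hunk, so how TMP and DST are set or cleaned elsewhere is not visible.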