diff options
| author | Tobias Geerinckx-Rice <me@tobias.gr> | 2022-10-16 02:00:04 +0200 |
|---|---|---|
| committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2022-10-16 02:00:28 +0200 |
| commit | 54c0b5c45767729b053574c2b2a62b17594f42ab (patch) | |
| tree | 1b56c5d8bb2dd0b2183d6a40ad27eddc7bec9b15 /etc | |
| parent | 9a0a786c2555b7e9bcef2a27dff8b82c002799ab (diff) | |
| download | guix-patches-54c0b5c45767729b053574c2b2a62b17594f42ab.tar guix-patches-54c0b5c45767729b053574c2b2a62b17594f42ab.tar.gz | |
guix-install.sh: Suggest what to do if fetching OpenPGP key(s) fails.
* etc/guix-install.sh (chk_gpg_keyring): Report an _err and set the
exit_flag if wget | gpg --import fails.
Diffstat (limited to 'etc')
| -rwxr-xr-x | etc/guix-install.sh | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/etc/guix-install.sh b/etc/guix-install.sh index 3fad9deb1f..353fc68aab 100755 --- a/etc/guix-install.sh +++ b/etc/guix-install.sh @@ -3,7 +3,7 @@ # Copyright © 2017 sharlatan <sharlatanus@gmail.com> # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il> -# Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> +# Copyright © 2019–2020, 2022 Tobias Geerinckx-Rice <me@tobias.gr> # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com> # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com> # Copyright © 2020 Daniel Brooks <db48x@db48x.net> @@ -137,23 +137,27 @@ chk_gpg_keyring() gpg_key_id=${GPG_SIGNING_KEYS[$user_id]} # Without --dry-run this command will create a ~/.gnupg owned by root on # systems where gpg has never been used, causing errors and confusion. - if ! gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then - if prompt_yes_no "${INF}The following OpenPGP public key is \ + if gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then + continue + fi + if prompt_yes_no "${INF}The following OpenPGP public key is \ required to verify the Guix binary signature: $gpg_key_id. Would you like me to fetch it for you?"; then - # Use a reasonable time-out here so users don't report silent - # ‘freezes’ when Savannah goes out to lunch, as has happened. - wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ - --timeout=30 --no-verbose -O- | gpg --import - - else - _err "${ERR}Missing OpenPGP public key ($gpg_key_id). + # Use a reasonable time-out here so users don't report silent + # ‘freezes’ when Savannah goes out to lunch, as has happened. + if wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ + --timeout=30 --no-verbose -O- | gpg --import -; then + continue + fi + fi + # If we reach this point, the key is (still) missing. Report further + # missing keys, if any, but then abort the installation. + _err "${ERR}Missing OpenPGP public key ($gpg_key_id). Fetch it with this command: wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -O - | \ sudo -i gpg --import -" - exit_flag=yes - fi - fi + exit_flag=yes done if [ "$exit_flag" = yes ]; then exit 1 |