-
Notifications
You must be signed in to change notification settings - Fork 40
/
recv_gpg_keys
executable file
·22 lines (20 loc) · 891 Bytes
/
recv_gpg_keys
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#!/bin/bash -e
if [[ -z $SANDBOXED ]]; then
[[ -d /run/user/$UID/gnupg ]] && bind_gnupg=("--ro-bind" "/run/user/$UID/gnupg" "/run/user/$UID/gnupg")
exec bwrap --unshare-all --ro-bind / / --tmpfs /home --tmpfs /tmp \
--tmpfs /run "${bind_gnupg[@]}" \
--proc /proc --dev /dev --die-with-parent \
--ro-bind "$0" /tmp/recv_gpg_keys \
--bind ~/.lilac/gnupg "$HOME/.gnupg" \
--ro-bind PKGBUILD /tmp/PKGBUILD --chdir /tmp --setenv SANDBOXED 1 \
/tmp/recv_gpg_keys "$@"
fi
. /usr/share/makepkg/util.sh
. ./PKGBUILD
for key in "${validpgpkeys[@]}"; do
echo "Receiving key ${key}..."
# try both servers as some keys exist one place and others another
# we also want to always try to receive keys to pick up any update
gpg --keyserver hkps:https://keyserver.ubuntu.com --recv-keys "$key" || true
gpg --keyserver hkps:https://keys.openpgp.org --recv-keys "$key" || true
done