emdee/base_role
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

first

Browse source
This commit is contained in:
embed@git.macaw.me 2024-01-06 01:38:28 +00:00
commit b50fd16591
197 changed files with 41663 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

58
overlay/Gentoo/usr/local/bin/base_gnupg_test.bash Executable file
View file

@ -0,0 +1,58 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
prog=$( basename $0 .bash )
PREFIX=/usr/local
ROLE=base
. /usr/local/bin/usr_local_tput.bash || exit 1
# The idea here is to run ansible_local.bash --tags daily
# and then use this to do the parsing and throwing errors based on the output.
# This was the ansible run can be free from erroring and this can be
# run repeatedly anytime outside of ansible to deal with the issues raised.
# It is also run at the end of ansible_local.bash --tags daily to raise the issues.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[ -f /usr/local/etc/testforge/testforge.bash ] && . /usr/local/etc/testforge/testforge.bash
. /usr/local/etc/local.d/local.bash
MYID=$( id -u )
[ $MYID -eq 0 ] || { ERROR $prog must be run as root $MYID ; exit 1 ; }
LOG_DIR=/usr/local/tmp
[ -d /etc/portage/gnupg ] || exit 0
KEY_ID=96D8BF6D
KEY_SER=subkeys.pgp.net
GPG="gpg --home /etc/portage/gnupg"
# * - primary key: DCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D
# * - subkey: E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
if route | grep ^def ; then
[ -f /usr/local/bin/base_daily.gpg ] || \
/usr/local/bin/scurl.bash --output /usr/local/bin/base_daily.gpg \
https://qa-reports.gentoo.org/output/service-keys.gpg || \
exit 2$?
fi
if [ -f /usr/local/bin/base_daily.gpg ] ; then
: trusted
# expired keys pass this
if $GPG --list-keys --with-colons |grep $KEY_ID |grep :f: ; then
: full trust?
elif $GPG --list-keys |grep -A1 $KEY_ID |tail -1| grep unknown ; then
expect /usr/local/bin/base_daily.exp || exit 4$?
elif $GPG --list-keys |grep -A1 $KEY_ID |tail -1| grep trust ; then
: this format does not exist
else
PANIC 3 $GPG --list-keys $KEY_ID not trusted
fi
else
gpg --homedir /etc/portage/gnupg --keyserver $KEY_SER --recv-keys 0x$KEY_ID
expect /usr/local/bin/base_daily.exp || exit 5$?
# was gpg --homedir /etc/portage/gnupg --edit-key 0x$KEY_ID trust || exit 6
fi
ls -ld /etc/portage/gnupg | grep -q drwx------ || chmod 700 /etc/portage/gnupg