key-init: only attempt to import individual user keys if legacy dir exists, skip otherwise

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
This commit is contained in:
Thierry Laurion 2024-09-03 14:49:42 -04:00
parent ebb4d7ab69
commit 9633d6bfb1
No known key found for this signature in database
GPG Key ID: 9A53E1BB3FF00461

View File

@ -13,8 +13,13 @@ if [ "$(date +%Y)" -lt 2024 ]; then
change-time.sh change-time.sh
fi fi
# Import user's keys # Import user's keys if they exist
gpg --import /.gnupg/keys/*.key /.gnupg/keys/*.asc 2>/dev/null || warn "Importing user's keys failed" if [ -d /.gnupg/keys ]; then
# This is legacy location for user's keys. cbfs-init takes for granted that keyring and trustdb are in /.gnupg
# oem-factory-reset generates keyring and trustdb which cbfs-init dumps to /.gnupg
# TODO: Remove individual key imports. This is still valid for distro keys only below.
gpg --import /.gnupg/keys/*.key /.gnupg/keys/*.asc 2>/dev/null || warn "Importing user's keys failed"
fi
# Import trusted distro keys allowed for ISO signing # Import trusted distro keys allowed for ISO signing
gpg --homedir=/etc/distro/ --import /etc/distro/keys/* 2>/dev/null || warn "Importing distro keys failed" gpg --homedir=/etc/distro/ --import /etc/distro/keys/* 2>/dev/null || warn "Importing distro keys failed"