summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/pacman-key.8.txt74
1 files changed, 40 insertions, 34 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
index 3631ec8c..96ac31c3 100644
--- a/doc/pacman-key.8.txt
+++ b/doc/pacman-key.8.txt
@@ -12,7 +12,7 @@ pacman-key - manage pacman's list of trusted keys
Synopsis
--------
-'pacman-key' [options]
+'pacman-key' [options] operation [targets]
Description
@@ -26,45 +26,40 @@ More complex keyring management can be achieved using GnuPG directly combined wi
the '\--homedir' option pointing at the pacman keyring (located in
+{sysconfdir}/pacman.d/gnupg+ by default).
+Invoking pacman-key consists of supplying an operation with any potential
+options and targets to operate on. Depending on the operation, a 'target' may
+be a valid key identifier, filename, or directory.
-Options
--------
-*-a, \--add* [file(s)]::
+Operations
+----------
+*-a, \--add*::
Add the key(s) contained in the specified file or files to pacman's
keyring. If a key already exists, update it.
-*\--config* <file>::
- Use an alternate config file instead of the +{sysconfdir}/pacman.conf+
- default.
-
-*-d, \--delete* <keyid(s)>::
+*-d, \--delete*::
Remove the key(s) identified by the specified keyid(s) from pacman's
keyring.
-*-e, \--export* [keyid(s)]::
+*-e, \--export*::
Export key(s) identified by the specified keyid(s) to 'stdout'. If no keyid
is specified, all keys will be exported.
-*\--edit-key* <keyid(s)>::
+*\--edit-key*::
Present a menu for key management task on the specified keyid(s). Useful
for adjusting a keys trust level.
-*-f, \--finger* [keyid(s)]::
+*-f, \--finger*::
List a fingerprint for each specified keyid, or for all known keys if no
keyids are specified.
-*\--gpgdir* <dir>::
- Set an alternate home directory for GnuPG. If unspecified, the value is
- read from +{sysconfdir}/pacman.conf+.
-
*-h, \--help*::
Output syntax and command line options.
-*\--import* <dir(s)>::
+*\--import*::
Imports keys from `pubring.gpg` into the public keyring from the specified
directories.
-*\--import-trustdb* <dir(s)> ::
+*\--import-trustdb*::
Imports ownertrust values from `trustdb.gpg` into the shared trust database
from the specified directories.
@@ -72,42 +67,53 @@ Options
Ensure the keyring is properly initialized and has the required access
permissions.
-*\--keyserver* <keyserver>::
- Use the specified keyserver if the operation requires one. This will take
- precedence over any keyserver option specified in a `gpg.conf`
- configuration file. Running '\--init' with this option will set the default
- keyserver if one was not already configured.
-
-*-l, \--list-keys* [keyid(s)]::
+*-l, \--list-keys*::
Lists all or specified keys from the public keyring.
-*\--list-sigs* [keyid(s)]::
+*\--list-sigs*::
Same as '\--list-keys', but the signatures are listed too.
-*\--lsign-key* <keyid>::
+*\--lsign-key*::
Locally sign the given key. This is primarily used to root the web of trust
in the local private key generated by '\--init'.
-*-r, \--recv-keys* <keyid(s)>::
+*-r, \--recv-keys*::
Equivalent to '\--recv-keys' in GnuPG.
-*\--refresh-keys* [keyid(s)]::
+*\--refresh-keys*::
Equivalent to '\--refresh-keys' in GnuPG.
-*\--populate* [keyring(s)]::
+*\--populate*::
Reload the default keys from the (optionally provided) keyrings in
+{pkgdatadir}/keyrings+. For more information, see
<<SC,Providing a Keyring for Import>> below.
*-u, \--updatedb*::
- Equivalent to '\--check-trustdb' in GnuPG.
-
-*-v, \--verify* <signature>::
- Verify the given signature file.
+ Equivalent to '\--check-trustdb' in GnuPG. This operation can be specified with
+ other operations.
*-V, \--version*::
Displays the program version.
+*-v, \--verify*::
+ Verify the given signature file.
+
+Options
+-------
+*\--config* <file>::
+ Use an alternate config file instead of the +{sysconfdir}/pacman.conf+
+ default.
+
+*\--gpgdir* <dir>::
+ Set an alternate home directory for GnuPG. If unspecified, the value is
+ read from +{sysconfdir}/pacman.conf+.
+
+*\--keyserver* <keyserver>::
+ Use the specified keyserver if the operation requires one. This will take
+ precedence over any keyserver option specified in a `gpg.conf`
+ configuration file. Running '\--init' with this option will set the default
+ keyserver if one was not already configured.
+
Providing a Keyring for Import
------------------------------