summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-01-22 17:07:27 +0100
committerLennart Poettering <lennart@poettering.net>2015-01-22 17:50:50 +0100
commit1c49d1ba850f9306d5cebc0441ef66ffa33d348b (patch)
treeb69da1a90202001978e693d6f68172540e0705ba
parent8dbce34b0373923c7aa7d795024bbedb0a85c7ea (diff)
import: make the user verficiation keyring override the vendor keyring, instead of extending it
This way the user has the ability to remove keys from the vendor-supplied keyring if he intends so.
-rw-r--r--src/import/import-common.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/import/import-common.c b/src/import/import-common.c
index 395f998f16..561c77abdf 100644
--- a/src/import/import-common.c
+++ b/src/import/import-common.c
@@ -358,8 +358,7 @@ int import_verify(
"--no-auto-check-trustdb",
"--batch",
"--trust-model=always",
- "--keyring=" VENDOR_KEYRING_PATH,
- NULL, /* maybe user keyring */
+ NULL, /* keyring to use */
NULL, /* --verify */
NULL, /* signature file */
NULL, /* dash */
@@ -403,6 +402,8 @@ int import_verify(
* otherwise. */
if (access(USER_KEYRING_PATH, F_OK) >= 0)
cmd[k++] = "--keyring=" USER_KEYRING_PATH;
+ else
+ cmd[k++] = "--keyring=" VENDOR_KEYRING_PATH;
cmd[k++] = "--verify";
cmd[k++] = sig_file_path;