summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-11-30 14:25:51 -0600
committerDan McGee <dan@archlinux.org>2011-11-30 14:25:51 -0600
commit7c84bea7dabdfbc307d373620b00214777d91a97 (patch)
treefaf9527b9b8fa82a60f5ef28fa8fce354eb91ac8
parent4590196d79273c49172e2da74e7a7b31e59d7a27 (diff)
Allow generation of an ownertrust file
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--devel/management/commands/generate_keyring.py29
1 files changed, 26 insertions, 3 deletions
diff --git a/devel/management/commands/generate_keyring.py b/devel/management/commands/generate_keyring.py
index a3a764b4..062c738b 100644
--- a/devel/management/commands/generate_keyring.py
+++ b/devel/management/commands/generate_keyring.py
@@ -24,7 +24,7 @@ logging.basicConfig(
logger = logging.getLogger()
class Command(BaseCommand):
- args = "<keyserver> <keyring_path>"
+ args = "<keyserver> <keyring_path> [ownertrust_path]"
help = "Assemble a GPG keyring with all known developer keys."
def handle(self, *args, **options):
@@ -36,10 +36,14 @@ class Command(BaseCommand):
elif v == 2:
logger.level = logging.DEBUG
- if len(args) != 2:
+ if len(args) < 2:
raise CommandError("keyserver and keyring_path must be provided")
- return generate_keyring(args[0], args[1])
+ generate_keyring(args[0], args[1])
+
+ if len(args) > 2:
+ generate_ownertrust(args[2])
+
def generate_keyring(keyserver, keyring):
logger.info("getting all known key IDs")
@@ -60,4 +64,23 @@ def generate_keyring(keyserver, keyring):
subprocess.check_call(gpg_cmd)
logger.info("keyring at %s successfully updated", keyring)
+
+TRUST_LEVELS = {
+ 'unknown': 0,
+ 'expired': 1,
+ 'undefined': 2,
+ 'never': 3,
+ 'marginal': 4,
+ 'fully': 5,
+ 'ultimate': 6,
+}
+
+
+def generate_ownertrust(trust_path):
+ master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True)
+ with open(trust_path, "w") as trustfile:
+ for key_id in master_key_ids:
+ trustfile.write("%s:%d:\n" % (key_id, TRUST_LEVELS['marginal']))
+ logger.info("trust file at %s created or overwritten", trust_path)
+
# vim: set ts=4 sw=4 et: