[PATCH 2/2] gpg: list of keys from file needs to be filtered
Gabriel Filion
gabster at lelutin.ca
Wed Apr 12 03:55:59 CEST 2017
when checking whether or not a file needs to be reencrypted, some
extraneous lines might get output, causing the list of keys to always be
different from what is present in .gpg-id, leading some commands to
always reencrypt files.
To ensure that we get what we want, we need to filter output for lines
formatted like what we expect to parse.
---
src/password-store.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/password-store.sh b/src/password-store.sh
index ea63880..f5ba9d4 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -125,7 +125,7 @@ reencrypt_path() {
done
gpg_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
fi
- current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
+ current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | grep "^gpg: public key is" | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
if [[ $gpg_keys != "$current_keys" ]]; then
echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
--
2.11.0
More information about the Password-Store
mailing list