[PATCH 2/2] gpg: list of keys from file needs to be filtered

Gabriel Filion gabster at lelutin.ca
Wed Apr 12 03:55:59 CEST 2017


when checking whether or not a file needs to be reencrypted, some
extraneous lines might get output, causing the list of keys to always be
different from what is present in .gpg-id, leading some commands to
always reencrypt files.

To ensure that we get what we want, we need to filter output for lines
formatted like what we expect to parse.
---
 src/password-store.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index ea63880..f5ba9d4 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -125,7 +125,7 @@ reencrypt_path() {
 			done
 			gpg_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
 		fi
-		current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
+		current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | grep "^gpg: public key is" | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
 
 		if [[ $gpg_keys != "$current_keys" ]]; then
 			echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
-- 
2.11.0



More information about the Password-Store mailing list