[Yum-devel] [PATCH] Allow only some GPG keys to be installed. BZ 606644.
James Antill
james at and.org
Mon Feb 21 21:23:00 UTC 2011
---
yum/__init__.py | 16 +++++++++++++---
1 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/yum/__init__.py b/yum/__init__.py
index 059095a..4bb9073 100644
--- a/yum/__init__.py
+++ b/yum/__init__.py
@@ -4495,6 +4495,7 @@ class YumBase(depsolve.Depsolve):
keyurls = repo.gpgkey
key_installed = False
+ could_but_didnt = False
for keyurl in keyurls:
keys = self._retrievePublicKey(keyurl, repo)
@@ -4531,7 +4532,8 @@ class YumBase(depsolve.Depsolve):
rc = askcb(po, info['userid'], info['hexkeyid'])
if not rc:
- raise Errors.YumBaseError, _("Not installing key")
+ could_but_didnt = True
+ continue
# Import the key
ts = self.rpmdb.readOnlyTS()
@@ -4542,6 +4544,9 @@ class YumBase(depsolve.Depsolve):
self.logger.info(_('Key imported successfully'))
key_installed = True
+ if not key_installed and could_but_didnt:
+ raise Errors.YumBaseError, _("Didn't install any keys")
+
if not key_installed:
raise Errors.YumBaseError, \
_('The GPG keys listed for the "%s" repository are ' \
@@ -4570,6 +4575,7 @@ class YumBase(depsolve.Depsolve):
"""
key_installed = False
+ could_but_didnt = False
for keyurl in keyurl_list:
keys = self._retrievePublicKey(keyurl, repo, getSig=not is_cakey)
for info in keys:
@@ -4610,7 +4616,8 @@ class YumBase(depsolve.Depsolve):
if not rc:
- raise Errors.YumBaseError, _("Not installing key for repo %s") % repo
+ could_but_didnt = True
+ continue
# Import the key
result = misc.import_key_to_pubring(info['raw_key'], info['hexkeyid'], gpgdir=destdir)
@@ -4629,7 +4636,10 @@ class YumBase(depsolve.Depsolve):
except (IOError, OSError):
# maybe a warning - but in general this is not-critical, just annoying to the user
pass
-
+
+ if not key_installed and could_but_didnt:
+ raise Errors.YumBaseError, _("Didn't install any keys for repo %s") % repo
+
if not key_installed:
raise Errors.YumBaseError, \
_('The GPG keys listed for the "%s" repository are ' \
--
1.7.3.4
More information about the Yum-devel
mailing list