[yum-git] 2 commits - plugins/keys yum-utils.spec

James Antill james at linux.duke.edu
Fri Aug 22 20:05:09 UTC 2008


 plugins/keys/keys.py |   66 ++++++++++++++++++++++++++++++++++++++++++++-------
 yum-utils.spec       |    2 -
 2 files changed, 58 insertions(+), 10 deletions(-)

New commits:
commit 78c4c0be41e5f81d4c6939899e50affe0572ac61
Author: James Antill <james at and.org>
Date:   Fri Aug 22 16:05:06 2008 -0400

    Allow keys plugin to remove repo. GPG keys

diff --git a/plugins/keys/keys.py b/plugins/keys/keys.py
index c6dec64..8c3ea2b 100644
--- a/plugins/keys/keys.py
+++ b/plugins/keys/keys.py
@@ -50,7 +50,7 @@ def match_keys(patterns, key, globs=True):
 class Key:
 
     def __init__(self, keyid, createts, sum_type, sum_auth, data,
-                 gpgctx=None, gpgkey=None, gpgsubkey=None, repo="installed"):
+                 gpgctx=None, gpgkey=None, gpgsubkey=None, repoid="installed"):
         self.keyid    = keyid
         self.createts = createts
         self.sum_type = sum_type
@@ -59,7 +59,7 @@ class Key:
         self.gpgctx   = gpgctx
         self.gpgkey   = gpgkey
         self.gpgsubkey = gpgsubkey
-        self.repo     = repo
+        self.repoid   = repoid
 
         email_beg = sum_auth.rfind('<')
         if email_beg == -1:
@@ -109,7 +109,7 @@ class KeysListCommand:
 
     def show_key(self, base, key):
         columns = [(key.sum_auth_name, -15), (key.sum_auth_email, -22),
-                   (key.repo, -22), ("%s-%x" % (key.keyid, key.createts),17)]
+                   (key.repoid, -22), ("%s-%x" % (key.keyid, key.createts),17)]
         print base.fmtColumns(columns)
 
     def doCommand(self, base, basecmd, extcmds):
@@ -176,10 +176,10 @@ class KeysInfoCommand(KeysListCommand):
 
     def show_key(self, base, key):
         pkg = "gpg-pubkey-%s-%x" % (key.keyid, key.createts)
-        if key.repo != "installed":
+        if key.repoid != "installed":
             print """\
 Type       : %s
-Rpm Key-ID : %s-%x
+Rpm Key ID : %s-%x
 Key owner  : %s
 Key email  : %s
 Created    : %s
@@ -255,12 +255,15 @@ class KeysRemoveCommand(KeysListCommand):
         pass
 
     def show_key(self, base, key):
-        if key.repo == "installed":
+        if key.repoid == "installed":
             release = "%x" % key.createts
             base.remove(name='gpg-pubkey', version=key.keyid, release=release)
             self.exit_code = 2
         else:
-            pass # Use gpgme to remove key...
+            print "Delete key %s-%x from %s?" % (key.keyid, key.createts,
+                                                 key.repoid)
+            if base.userconfirm():
+                key.gpgctx.delete(key.gpgkey)
 
     def match_key(self, patterns, key):
         return match_keys(patterns, key, globs=False)
commit 298649eb1f1674e9e4f428075173a4d82568edf6
Author: James Antill <james at and.org>
Date:   Fri Aug 22 15:45:14 2008 -0400

    List/info keys used for repo. signing, as well as rpm ones

diff --git a/plugins/keys/keys.py b/plugins/keys/keys.py
index 429bd00..c6dec64 100644
--- a/plugins/keys/keys.py
+++ b/plugins/keys/keys.py
@@ -19,9 +19,14 @@
 from yum.plugins import TYPE_INTERACTIVE, PluginYumExit
 import rpmUtils.transaction
 
+import os
 import time
 import fnmatch
 import yum.pgpmsg
+try:
+    import gpgme
+except:
+    gpgme = None
 
 requires_api_version = '2.1'
 plugin_type = (TYPE_INTERACTIVE,)
@@ -44,12 +49,17 @@ def match_keys(patterns, key, globs=True):
 
 class Key:
 
-    def __init__(self, keyid, createts, sum_type, sum_auth, data):
+    def __init__(self, keyid, createts, sum_type, sum_auth, data,
+                 gpgctx=None, gpgkey=None, gpgsubkey=None, repo="installed"):
         self.keyid    = keyid
         self.createts = createts
         self.sum_type = sum_type
         self.sum_auth = sum_auth
         self.data     = data
+        self.gpgctx   = gpgctx
+        self.gpgkey   = gpgkey
+        self.gpgsubkey = gpgsubkey
+        self.repo     = repo
 
         email_beg = sum_auth.rfind('<')
         if email_beg == -1:
@@ -91,14 +101,16 @@ class KeysListCommand:
         pass
 
     def show_hdr(self):
-        print "%-40.40s %-21.21s %s" % ("Key owner", "Key email", "Key ID")
+        print "%-15s %-22s %-22s %17s" % ("Key owner", "Key email",
+                                          "Repo", "Key ID")
 
     def match_key(self, patterns, key):
         return match_keys(patterns, key)
 
     def show_key(self, base, key):
-        print "%-40.40s %-21.21s %s-%x" % (key.sum_auth_name,key.sum_auth_email,
-                                           key.keyid, key.createts)
+        columns = [(key.sum_auth_name, -15), (key.sum_auth_email, -22),
+                   (key.repo, -22), ("%s-%x" % (key.keyid, key.createts),17)]
+        print base.fmtColumns(columns)
 
     def doCommand(self, base, basecmd, extcmds):
         self.exit_code = 0
@@ -120,6 +132,23 @@ class KeysListCommand:
             data = hdr['description']
 
             keys.append(Key(keyid, createts, sum_type, sum_auth, data))
+        if gpgme is not None:
+            for repo in base.repos.listEnabled():
+                gpgdir = '%s/gpgdir' % repo.cachedir
+                if not os.path.exists(gpgdir):
+                    continue
+
+                # Borrowed from misc.return_keyids_from_pubring()
+                os.environ['GNUPGHOME'] = gpgdir
+                ctx = gpgme.Context()
+                for k in ctx.keylist():
+                    auth  = "%s <%s>" % (k.uids[0].name, k.uids[0].email)
+                    for subkey in k.subkeys:
+                        if subkey.can_sign:
+                            keyid = "%08x" % (int(subkey.keyid,16) & 0xFFFFFFFF)
+                            keys.append(Key(keyid, subkey.timestamp,
+                                            "GPG", auth, "<not-implemented>",
+                                            ctx, k, subkey, repo.id))
 
         done = False
         for key in sorted(keys):
@@ -147,14 +176,27 @@ class KeysInfoCommand(KeysListCommand):
 
     def show_key(self, base, key):
         pkg = "gpg-pubkey-%s-%x" % (key.keyid, key.createts)
-        if key.sum_type == '<?>':
+        if key.repo != "installed":
+            print """\
+Type       : %s
+Rpm Key-ID : %s-%x
+Key owner  : %s
+Key email  : %s
+Created    : %s
+Fingerprint: %x
+Key ID     : %x
+""" % (key.sum_type, key.keyid, key.createts,
+       key.sum_auth_name, key.sum_auth_email, time.ctime(key.createts),
+       int(key.gpgsubkey.fpr, 16), int(key.gpgsubkey.keyid, 16))
+        elif key.sum_type == '<?>':
             print """\
 Type      : Unknown
 Rpm PKG   : %s
 Key owner : %s
 Key email : %s
 Created   : %s
-""" % (pkg, key.sum_auth_name, key.sum_auth_email, time.ctime(key.createts))
+""" % (key.sum_type, pkg,
+       key.sum_auth_name, key.sum_auth_email, time.ctime(key.createts))
         else:
             gpg_cert = yum.pgpmsg.decode_msg(key.data)
             print """\
@@ -213,9 +255,12 @@ class KeysRemoveCommand(KeysListCommand):
         pass
 
     def show_key(self, base, key):
-        release = "%x" % key.createts
-        base.remove(name='gpg-pubkey', version=key.keyid, release=release)
-        self.exit_code = 2
+        if key.repo == "installed":
+            release = "%x" % key.createts
+            base.remove(name='gpg-pubkey', version=key.keyid, release=release)
+            self.exit_code = 2
+        else:
+            pass # Use gpgme to remove key...
 
     def match_key(self, patterns, key):
         return match_keys(patterns, key, globs=False)
diff --git a/yum-utils.spec b/yum-utils.spec
index c4a51f4..da4793c 100644
--- a/yum-utils.spec
+++ b/yum-utils.spec
@@ -255,7 +255,7 @@ installation.
 %package -n yum-keys
 Summary: Yum plugin to deal with signing keys
 Group: System Environment/Base
-Requires: yum >= 3.2.8
+Requires: yum >= 3.2.19
 
 %description -n yum-keys
 This plugin adds the commands keys, keys-info, keys-data and keys-remove. They



More information about the Yum-cvs-commits mailing list