From: "Robin H. Johnson"
To: gentoo-commits@lists.gentoo.org
Reply-To: gentoo-dev@lists.gentoo.org, "Robin H. Johnson"
Message-ID: <1556997875.39b69cb7d63d14f2816fd864eb60595680cfc94a.robbat2@gentoo>
Subject: [gentoo-commits] proj/qa-scripts:master commit in: /
Date: Sat, 4 May 2019 19:24:45 +0000 (UTC)

commit: 39b69cb7d63d14f2816fd864eb60595680cfc94a
Author: Robin H. Johnson gentoo org>
AuthorDate: Sat May 4 19:24:35 2019 +0000
Commit: Robin H. Johnson gentoo org>
CommitDate: Sat May 4 19:24:35 2019 +0000
URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=39b69cb7

keyrings: check for any change before renaming new dump

Signed-off-by: Robin H. Johnson gentoo.org>

 keyrings.inc.bash | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/keyrings.inc.bash b/keyrings.inc.bash index 54f0e8c..2b5ad9a 100644 --- a/keyrings.inc.bash +++ b/keyrings.inc.bash
@@ -83,13 +83,27 @@ export_keys() { # 'gpg --export' returns zero if there was no error with the command itself # If there are no keys in the export set, then it ALSO does not write the destination file # and prints 'gpg: WARNING: nothing exported' to stderr - if gpg --output "$TMP" --export "${@}" && test -s "${TMP}"; then - chmod a+r "${TMP}" - mv "${TMP}" "${DST}" - else - echo "Unable to export keys to $DST" + if ! gpg --output "$TMP" --export "${@}"; then + echo "Unable to export keys to $DST: GPG returned non-zero" + exit 1 + fi + if ! test -s "${TMP}"; then + echo "Unable to export keys to $DST: GPG returned zero but generated empty file" exit 1 fi + # We have a non-empty output now! + # Capture it in a textual format that can be compared for changes, but make sure it exports correctly + if ! gpg --list-packets "${TMP}" >"${TMP}.packets.txt"; then + echo "Unable to export keys to $DST: GPG failed to list packets" + exit 1 + fi + # Check if the textual format has changed at all, and emit the new version + # if there are ANY changes at all. + if ! cmp -s "${DST}.packets.txt" "${TMP}.packets.txt"; then + chmod a+r "${TMP}" + mv -f "${TMP}" "${DST}" + mv -f "${TMP}.packets.txt" "${DST}.packets.txt" + fi } # populate common variables
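Review bot: the final `if ! cmp -s "${DST}.packets.txt" "${TMP}.packets.txt"` block has no else branch, so on the unchanged path `${TMP}` and `${TMP}.packets.txt` are never removed; unless cleanup happens outside this hunk, add an else that does `rm -f "${TMP}" "${TMP}.packets.txt"`. The same applies to the new `--list-packets` failure path, which exits with both temp files in place. The change decision is also based only on the `.packets.txt` sidecar: if `${DST}` itself is missing or was replaced while `${DST}.packets.txt` still matches, the keyring is not rewritten, so consider also requiring `test -s "${DST}"` before skipping the move. The two `mv -f` calls are not atomic as a pair; the current order (keyring first, listing second) is the safe one because an interruption between them leaves a stale listing that triggers a rewrite on the next run, and a short comment saying so would keep someone from reordering them. Finally, the three new error messages go to stdout like the one they replace; sending them to stderr with `>&2` would keep them out of any captured output.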