From f053141c8744b3f15ffdf488705fb7606cf1ab35 Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Sun, 8 Apr 2012 14:02:39 -0400 Subject: pacman-key: verify TRUST_ULTIMATE keys as good Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY, as these keys are to be trusted as well. Signed-off-by: Dave Reisner Signed-off-by: Dan McGee --- scripts/pacman-key.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 9a77a19f..1a2bac34 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -441,7 +441,7 @@ refresh_keys() { verify_sig() { local fd="$(mktemp)" "${GPG_PACMAN[@]}" --status-file "${fd}" --verify $SIGNATURE - if ! grep -q TRUST_FULLY "${fd}"; then + if ! grep -qE 'TRUST_(FULLY|ULTIMATE)' "${fd}"; then rm -f "${fd}" error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE" exit 1 -- cgit v1.2.3-70-g09d2