Fixes the problem where the keychain and the .gpg-id file can get out of sync,
and ensures that key IDs are used rather than an email address (which may
match an old key).
refresh_keys () {
gpg2 --quiet --import $UCCPASS_KEYRING
+ gpg2 --with-colons $UCCPASS_KEYRING | grep '^pub' | cut -d: -f5 > $PASSWORD_STORE_DIR/.gpg-id
}
new_user_setup () {
# Get the key fingerprint
KEY_FINGERPRINT=`gpg --list-secret-keys --with-fingerprint --with-colons $GIT_AUTHOR_EMAIL | grep '^fpr' | head -n 1 | cut -d: -f 10`
- # Add to .gpg-id
- echo -n " >> Adding your key to the access list... "
- if grep -qF "<$GIT_AUTHOR_EMAIL>" $PASSWORD_STORE_DIR/.gpg-id; then
- echo "already present!"
- else
- echo "<$GIT_AUTHOR_EMAIL>" >> $PASSWORD_STORE_DIR/.gpg-id
- echo "ok."
- fi
-
# Add to key list
# XXX: is it worth submitting these to an online keyserver?
echo -n " >> Adding your key to the shared keyring... "
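Review bot: The added line in refresh_keys redirects straight into `$PASSWORD_STORE_DIR/.gpg-id`, so the file is truncated before gpg2 produces any output; if the listing fails or the keyring is missing, the recipient list is left empty or partial, and gpg2's exit status is hidden behind the pipeline. Building the list in a temporary file in the same directory and renaming it only when it is non-empty avoids that, and the variable expansions should be quoted. Field 5 of a `pub` record is the 64-bit key ID; the `fpr` record's field 10, which new_user_setup already reads, would pin the full fingerprint instead, though the record order should be checked so that subkey fingerprints are not picked up. Because .gpg-id is now derived entirely from the keyring, write access to `$UCCPASS_KEYRING` decides who becomes a recipient, which is worth a comment above the function. new_user_setup continues outside the hunk.

```shell
refresh_keys () {
    gpg2 --quiet --import "$UCCPASS_KEYRING" || return 1
    # Build the recipient list beside .gpg-id so the final rename is atomic
    # and a failed listing cannot truncate the live file.
    tmp_ids=$(mktemp "$PASSWORD_STORE_DIR/.gpg-id.XXXXXX") || return 1
    if gpg2 --with-colons "$UCCPASS_KEYRING" \
        | awk -F: '$1 == "pub" { print $5 }' > "$tmp_ids" \
        && [ -s "$tmp_ids" ]; then
        mv -- "$tmp_ids" "$PASSWORD_STORE_DIR/.gpg-id"
    else
        rm -f -- "$tmp_ids"
        return 1
    fi
}
```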