Add lsign-key to the trust_keys function so that the trusted key
authorJameson Graef Rollins <jrollins@phys.columbia.edu>
Sat, 14 Jun 2008 19:58:19 +0000 (15:58 -0400)
committerJameson Graef Rollins <jrollins@phys.columbia.edu>
Sat, 14 Jun 2008 19:58:19 +0000 (15:58 -0400)
actually ends up with full validity.

src/common

index 01e6f32093da85de5004ea29b62ec220c7d82bd9..19b5485a37feb2118edb350ae0e34da67e36613a 100644 (file)
@@ -468,6 +468,11 @@ trust_key() {
     # get key fingerprint
     fingerprint=$(get_key_fingerprint "$keyID")
 
+    # attach a "non-exportable" signature to the key
+    # this is required for the key to have any validity at all
+    # the 'y's on stdin indicates "yes, i really want to sign"
+    echo -e 'y\ny' | gpg --lsign-key --command-fd 0 "$fingerprint"
+
     # import "full" trust for fingerprint into gpg
     echo ${fingerprint}:5: | gpg --import-ownertrust
     if [ $? = 0 ] ; then