diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-06-22 12:09:05 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-06-22 12:09:05 -0700 |
commit | 030254f63b19f8fc2f915d221809285c27d408b7 (patch) | |
tree | 81119daed1912cdad6ea732f8d8bbc6ee3852d41 /src/property/gnupg.lisp | |
parent | 469215bbb260d24333c09afaf8912bd5c0558b54 (diff) | |
download | consfigurator-030254f63b19f8fc2f915d221809285c27d408b7.tar.gz |
add a number of git, gpg and cron properties
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src/property/gnupg.lisp')
-rw-r--r-- | src/property/gnupg.lisp | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/property/gnupg.lisp b/src/property/gnupg.lisp index 6f3167f..fc16cd8 100644 --- a/src/property/gnupg.lisp +++ b/src/property/gnupg.lisp @@ -32,3 +32,31 @@ keyring." (with-change-if-changes-file (".gnupg/pubring.kbx") (mrun :input (get-data-stream "--pgp-pubkey" fingerprint) "gpg" "--import")))) + +(defprop trusts-public-key :posix (fingerprint level) + "Ensure that the PGP public key identified by FINGERPRINT is trusted at level +LEVEL, an integer." + (:desc #?"PGP public key ${fingerprint} trusted, level ${level}") + (:preprocess (list (remove #\Space fingerprint) level)) + (:apply (with-change-if-changes-file (".gnupg/trustdb.gpg") + (mrun :input (format nil "~A:~A:~%" fingerprint level) + "gpg" "--import-ownertrust")))) + +(defproplist public-key-imported-and-trusted :posix (fingerprint level) + (:desc "PGP public key ${fingerprint} imported and trusted, level ${level}") + (public-key-imported fingerprint) + (trusts-public-key fingerprint level)) + +(defprop secret-key-imported :posix (fingerprint) + (:desc #?"PGP public key ${fingerprint} imported") + (:preprocess (list (remove #\Space fingerprint))) + (:hostattrs (require-data "--pgp-seckey" fingerprint)) + (:check + ;; Look for plain "sec" not, e.g., "sec#", which indicates the secret key + ;; is not available. + (multiple-value-bind (out err exit) + (run :may-fail "gpg" "--list-secret-keys" fingerprint) + (declare (ignore err)) + (and (zerop exit) (re:scan #?/^sec\s/ out)))) + (:apply (mrun :input (get-data-stream "--pgp-seckey" fingerprint) + "gpg" "--import"))) |