diff options
author | 2015-08-09 15:43:31 -0700 | |
---|---|---|
committer | 2015-08-09 15:52:05 -0700 | |
commit | 38d2b1fed19ac636346ab1e7a456bbac5bc69cec (patch) | |
tree | 4ad48da1f83dfcb237b45406dba46c52abfa21a2 /gkeys/etc | |
parent | gkeys/seedhandler.py: Add an isdir check to load_category (diff) | |
download | gentoo-keys-38d2b1fed19ac636346ab1e7a456bbac5bc69cec.tar.gz gentoo-keys-38d2b1fed19ac636346ab1e7a456bbac5bc69cec.tar.bz2 gentoo-keys-38d2b1fed19ac636346ab1e7a456bbac5bc69cec.zip |
gkeys: Add settable trust-model for the keyrings
The --trust-model option is needed for git verification and many other gkeys operations.
Diffstat (limited to 'gkeys/etc')
-rw-r--r-- | gkeys/etc/gkeys.conf | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/gkeys/etc/gkeys.conf b/gkeys/etc/gkeys.conf index e7a363f..e9eb820 100644 --- a/gkeys/etc/gkeys.conf +++ b/gkeys/etc/gkeys.conf @@ -67,9 +67,12 @@ files: 0o022 # file is a json text file of: nick, name, keydir, fingerprint # one file per line # category = category or seedfile name -# these categories/seedfile nmaes are used for the +# these categories/seedfile names are used for the # -C, --category input value validations # eg: category: filepath +# +# If adding additional seed files, +# remember to set an appropriate [trust-model] for them below" gentoo: %(seedsdir)s/gentoo.seeds gentoo-devs: %(seedsdir)s/gentoo-devs.seeds @@ -92,6 +95,15 @@ gentoo-devs: https://api.gentoo.org/gentoo-keys/seeds/gentoo-devs.seeds #sign: +# Set the trust levels +# one of {pgp|classic|direct|always|auto} +# default is "auto" +# for the gentoo and gentoo-devs keyrings set to "always" +[trust-model] +gentoo: always +gentoo-devs: always + + [verify-seeds] # mapping of the seedfile category name |