|
@@ -309,6 +309,10 @@ function check_hwrng {
|
309
|
309
|
}
|
310
|
310
|
|
311
|
311
|
function import_gpg_key_to_root {
|
|
312
|
+ # This is a compromise. backup needs access to things which the user
|
|
313
|
+ # doesn't have access to, but also needs to be able to encrypt as the user
|
|
314
|
+ # Perhaps there is some better way to do this.
|
|
315
|
+ # Maybe there should be a separate backup GPG key. Discuss.
|
312
|
316
|
if [ ! $MY_GPG_PUBLIC_KEY ]; then
|
313
|
317
|
MY_GPG_PUBLIC_KEY=/tmp/public_key.gpg
|
314
|
318
|
fi
|
|
@@ -321,10 +325,6 @@ function import_gpg_key_to_root {
|
321
|
325
|
|
322
|
326
|
# make sure that the root user has access to your gpg public key
|
323
|
327
|
if [ $MY_GPG_PUBLIC_KEY_ID ]; then
|
324
|
|
- # This is a compromise. backup needs access to things which the user
|
325
|
|
- # doesn't have access to, but also needs to be able to encrypt as the user
|
326
|
|
- # Perhaps there is some better way to do this.
|
327
|
|
- # Maybe there should be a separate backup GPG key. Discuss.
|
328
|
328
|
su -c "gpg --export-ownertrust > ~/temp_trust.txt" - $MY_USERNAME
|
329
|
329
|
su -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
|
330
|
330
|
su -c "gpg --output ~/temp_private_key.txt --armor --export-secret-key $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
|