Index: trunk/scripts/samhainadmin.pl.in =================================================================== --- trunk/scripts/samhainadmin.pl.in (revision 310) +++ trunk/scripts/samhainadmin.pl.in (revision 330) @@ -41,4 +41,5 @@ my $file2; my $passphrase; +my $secretkeyring; my $return_from_sign = 0; my $no_print_examine = 0; @@ -155,4 +156,8 @@ print " Set the passphrase for gpg. By default, gpg will ask.\n\n"; + print " -s secretkeyring --secretkeyring secretkeyring\n"; + print " Select an alternate secret keyring for gpg.\n"; + print " Will use '$ENV{'HOME'}/.gnupg/secring.gpg' by default.\n\n"; + print " -l --list\n"; print " List the files in database rather than printing the raw file.\n\n"; @@ -185,22 +190,36 @@ sub check_gpg_sign () { - if ( (!-d "$ENV{'HOME'}/.gnupg") || (!-e "$ENV{'HOME'}/.gnupg/secring.gpg")) { - print "--------------------------------------------------\n"; - print "\n"; - if (!-d "$ENV{'HOME'}/.gnupg") { - print " Directory \$HOME/.gnupg not found!\n"; - } else { - print " Secret keyring \$HOME/.gnupg/secring.gpg not found!\n"; - } - print "\n"; - print " This indicates that you have never created a \n"; - print " public/private keypair, and thus cannot sign.\n"; - print " \n"; - print " Please use $0 --generate-keys or gpg --gen-key\n"; - print " to generate a public/private keypair first.\n"; - print "\n"; - print "--------------------------------------------------\n"; - print "\n"; - exit; + if ( defined($secretkeyring)) { + if ( (!-d "$secretkeyring")){ + print "--------------------------------------------------\n"; + print "\n"; + print " Secret keyring $secretkeyring not found!\n"; + print "\n"; + print " Please check the path/name of the alternate secret keyring.\n"; + print "\n"; + print "--------------------------------------------------\n"; + print "\n"; + exit; + } + } else { + if ( (!-d "$ENV{'HOME'}/.gnupg") || (!-e "$ENV{'HOME'}/.gnupg/secring.gpg")) { + print "--------------------------------------------------\n"; + print "\n"; + if (!-d "$ENV{'HOME'}/.gnupg") { + print " Directory \$HOME/.gnupg not found!\n"; + } else { + print " Secret keyring \$HOME/.gnupg/secring.gpg not found!\n"; + } + print "\n"; + print " This indicates that you have never created a \n"; + print " public/private keypair, and thus cannot sign.\n"; + print " \n"; + print " Please use $0 --generate-keys or gpg --gen-key\n"; + print " to generate a public/private keypair first.\n"; + print "\n"; + print "--------------------------------------------------\n"; + print "\n"; + exit; + } } } @@ -505,10 +524,14 @@ if (defined($passphrase)) { local $SIG{PIPE} = 'IGNORE'; - my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg --passphrase-fd 0 -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped $file1"; + my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg --passphrase-fd 0 -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped "; + $command .= "--secret-keyring $secretkeyring " if (defined($opts{'s'})); + $command .= "$file1"; open (FH, "|$command") or die "can't fork: $!"; print FH "$passphrase" or die "can't write: $!"; close FH or die "can't close: status=$?"; } else { - my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped $file1"; + my $command = "$gpg --homedir $ENV{'HOME'}/.gnupg -a ${KEYTAG} ${TARGETKEYID} --clearsign -o $fileout --not-dash-escaped "; + $command .= "--secret-keyring $secretkeyring " if (defined($opts{'s'})); + $command .= "$file1"; system("$command") == 0 or die "system $command failed: $?"; @@ -546,4 +569,5 @@ 'd|datafile=s', 'p|passphrase=s', + 's|secretkeyring=s', 'create-cfgfile', # -m F 'print-cfgfile', # -m f @@ -568,4 +592,7 @@ if (defined($opts{'p'})) { $passphrase = $opts{'p'}; +} +if (defined($opts{'s'})) { + $secretkeyring = $opts{'s'}; }