SEC-KEYS.ECLASS
Section: eclass-manpages (5)Updated: Sep 2025
Index Return to Main Contents
NAME
sec-keys.eclass - Provides a uniform way of handling ebuilds which package PGP key materialDESCRIPTION
This eclass provides a streamlined approach to finding suitable source material for OpenPGP keys used by the verify-sig eclass. Its primary purpose is to permit developers to easily and securely package new sec-keys/* packages. The eclass removes the risk of developers accidentally packaging malformed key material, or neglecting to notice when PGP identities have changed.To use the eclass, define SEC_KEYS_VALIDPGPKEYS to contain the fingerprint of the key and the short name of the key's owner.
SUPPORTED EAPIS
8EXAMPLE
Example use:
SEC_KEYS_VALIDPGPKEYS=( '3DB7F3CA6C1D90B99FE25B38D4B476A4D175C54F:bjones:ubuntu' '4EC8A4DB7D2E01C00AF36C49E5C587B5E286C65A:jsmith:github,openpgp' # key only available on personal website, use manual SRC_URI '5FD9B5EC8E3F12D11BA47D50F6D698C6F397D76B:awhite:manual' ) inherit sec-keys SRC_URI+="https://awhite.com/awhite.gpg -> awhite-${PV}.gpg"
FUNCTIONS
- sec-keys_src_compile
-
Default src_compile override that:
- imports all public keys into a keyring
- validates that they are listed in SEC_KEYS_VALIDPGPKEYS
- minifies and exports them back into a unified keyfile
- sec-keys_src_install
- Default src_install override that installs an ascii-armored keyfile installed to the standard /usr/share/openpgp-keys.
ECLASS VARIABLES
- SEC_KEYS_VALIDPGPKEYS (SET BEFORE INHERIT)
-
Mapping of fingerprints, name, and optional locations of PGP keys to
include, separated by colons. The allowed values for a location are:
- gentoo -- fetch key by fingerprint from https://keys.gentoo.org
- github -- fetch key from github.com/${name}.pgp
- openpgp -- fetch key by fingerprint from https://keys.openpgp.org
- ubuntu -- fetch key by fingerprint from http://keyserver.ubuntu.com
- manual -- do not add to SRC_URI, the ebuild will provide a custom
download location
AUTHORS
Eli Schwartz <eschwartz@gentoo.org>MAINTAINERS
Eli Schwartz <eschwartz@gentoo.org>REPORTING BUGS
Please report bugs via https://bugs.gentoo.org/FILES
sec-keys.eclassSEE ALSO
ebuild(5)https://gitweb.gentoo.org/repo/gentoo.git/log/eclass/sec-keys.eclass
Index
- NAME
- DESCRIPTION
- SUPPORTED EAPIS
- EXAMPLE
- FUNCTIONS
- ECLASS VARIABLES
- AUTHORS
- MAINTAINERS
- REPORTING BUGS
- FILES
- SEE ALSO
This document was created by man2html, using the manual pages.
Time: 03:27:00 GMT, September 08, 2025