/usr/bin/migrate-pubring-from-classic-gpg is in gnupg 2.1.18-8~deb9u4.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 | #!/bin/bash
# script to migrate fully from pubring.gpg to pubring.kbx
# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
# Date: 2016-04-01
# License: GPLv3+
# This was written for the Debian project
set -e
GPG="${GPG:-gpg}"
# select the default GnuPG home directory to work from:
GHD=${GNUPGHOME:-${HOME:-$(getent passwd "$(id -u)" | cut -f6 -d:)}/.gnupg}
# Check that this is gnupg 2.1 or 2.2:
VERSION=$("$GPG" --version | head -n1 | cut -f3 -d\ | cut -f1,2 -d.)
if [ "$VERSION" != 2.1 ] && [ "$VERSION" != 2.2 ] ; then
printf '%s is version %s not version 2.1 or 2.2, this script might be wrong\n' "$GPG" "$VERSION" >&2
exit 1
fi
usage() {
printf 'Usage: %s [GPGHOMEDIR|--default]
\tMigrate public keyring in GPGHOMEDIR from "classic" to "modern" GnuPG
\tusing %s version %s.
\t--default migrates the GnuPG home directory at "%s"
' "$0" "$GPG" "$VERSION" "$GHD"
}
if [ -z "$1" ]; then
usage >&2
exit 1
else
case "$1" in
--help|--usage|-h)
usage
exit
;;
--default)
;;
*)
GHD="$1"
;;
esac
fi
# ensure that there is a pubring.gpg to migrate:
if ! [ -f "$GHD/pubring.gpg" ]; then
printf 'There is no %s/pubring.gpg, no need to migrate\n' "$GHD" >&2
exit
fi
if ! [ -s "$GHD/pubring.gpg" ]; then
mv -- "$GHD/pubring.gpg" "$GHD/pubring.gpg.empty"
printf '%s/pubring.gpg was empty (and has been moved out of the way), no need to migrate\n' "$GHD" >&2
exit
fi
BACKUP="$(mktemp -d "$GHD/migrate-from-classic-backup.$(date +%F).XXXXXX")"
printf 'Migrating from:\n%s\n[Backing up to %s]\n' "$(ls -l "$GHD/pubring.gpg")" "$BACKUP" >&2
"$GPG" --export-ownertrust > "$BACKUP/ownertrust.txt"
mv "$GHD/pubring.gpg" "$BACKUP/"
"$GPG" --import-options import-local-sigs,keep-ownertrust,repair-pks-subkey-bug --import < "$BACKUP/pubring.gpg"
"$GPG" --import-ownertrust < "$BACKUP/ownertrust.txt"
"$GPG" --check-trustdb
if ! [ -f "$GHD/pubring.kbx" ]; then
printf 'No keybox was created at %s/pubring.kbx. Something went wrong!\n' "$GHD" >&2
exit 1
fi
printf 'Migration completed successfully:\n%s\n' "$(ls -l "$GHD/pubring.kbx")" >&2
|