Improved documentation for sync-secret

author: James Crayne <jim.crayne@gmail.com> 2015-06-23 20:12:26 -0400
committer: James Crayne <jim.crayne@gmail.com> 2015-06-23 20:12:26 -0400
commit: 317fd83c64e207974a0b8a0d2943b3b49800d6bb (patch)
tree: 2180089f2980b0cc5b66bc08cb776c8a7a3b1493 /kiki.hs
parent: be560ff09484e5c806d8c18bd922b014885d115b (diff)
1 files changed, 46 insertions, 10 deletions
diff --git a/kiki.hs b/kiki.hs
index 498f41e..8d13f6b 100644
--- a/kiki.hs
+++ b/kiki.hs
@@ -511,21 +511,38 @@ kiki_usage bSecret cmd = putStr $
            ,"kiki sync-secret FLAGS [--keypairs KEYSPEC ...] [--keyrings FILE ...] [--hosts FILE ...]"
            ,"                       [--wallets FILE ...]"
            ,""
-            ,"     sync-secret merges a set of key files into a combined database and then"
+            ,"     sync-secret syncs the information inside your OpenGPG keyring with information"
-            ,"     uses the database to update all the input files, those inside and outside of"
+            ,"     in other files. Information flows both in and out of your keyring."
-            ,"     of the home directory (see --homedir), to have the most complete information."
+            ,""
+            ,"     sync-secret works by first creating a combined database containing all information"
+            ,"     and then updating all files (including OpenGPG files, as well as files specified as"
+            ,"     arguments to the options --keyrings, --wallets, and --hosts) with information from"
+            ,"     from the combined database."
+            ,""
+            ,"     Master keys in keyring files are fleshed out with all known subkeys"
+            ,"     in any file in which they appear. Ordinarily, if a file does not contain the master key"
+            ,"     already, it will not be added. However, in the case of --import or --import-if-authentic"
+            ,"     new master keys may be added to your OpenGPG keyring."
+            ,""
+            ,"     Cryptocoin keys in wallet files are fleshed out with all CryptoCoin subkeys of the working"
+            ,"     key. The working key is updated with new CryptoCoin subkeys from all specified wallets."
+            ,"     Ordinarily, only one wallet is specified on the command line. If multiple wallets are"
+            ,"     specified, they will all have the same keys after the the operation completes."
+            ,""
+            ,"     The --hosts option is experimental and may be removed in the future. Any files given"
+            ,"     as arguments to this option will be assumed to be in the format /etc/hosts, and will"
+            ,"     be updated with any hostname information currently stored within your OpenGPG keyring."
+            ,"     Additionally, if the file has hostnames for the ip corresponding to a master key, then"
+            ,"     then the mastekey is updated with unsigned annotations recording the additional hostnames."
+            ,"     Warning: this effects all master keys, regardless of whether they have secret key"
+            ,"     information, hence the annotations being unsigned."
            ,""
            ,"     The files pubring.gpg and secring.gpg in the directory specified by the"
            ,"     --homedir option are implicitly included in the keyring set even if they"
            ,"     are not included after the --keyrings option."
            ,""
-            ,"     Subkeys that are imported with kiki are given an annotation \"usage@\" which"
+            ,"     If KEYSPEC arguments appear prior to any of --keyrings, --wallets, or --hosts,"
-            ,"     indicates what the key is for.  This tag can be used as a SPEC to select a"
+            ,"     then they are interpretted as if arguments to --keypairs."
-            ,"     particular key.  Master keys may be specified by using fingerprints or by"
-            ,"     specifying a substring of an associated UID."
-            ,""
-            ,"     If no \"INPUT FILE\" options (documented below) are specified, then arguments"
-            ,"     are implicitly interpreted as being KEYSPECs for the --keypairs option."
            ,""
            ,"FLAGS"
            ,"     --help             Gives usage information"
@@ -557,6 +574,25 @@ kiki_usage bSecret cmd = putStr $
            ,"    --keypairs [KEYSPEC ...]"
            ,"        KEYSPEC := tag '=' file  '{' <shell command to create key file> '}'"
            ,"                 | tag '=' file"
+            ,"        Specify the paths of private PEM files which either currently contain"
+            ,"        keys to be imported, or lack keys to be exported. If your working key"
+            ,"        has no subkey with the given tag, and the file is empty or does not exist,"
+            ,"        and a shell command is specified in braces, then the shell command will be "
+            ,"        executed in a modified environment with the expectation of creating the PEM"
+            ,"        file for import."
+            ,""
+            ,"        Subkeys that are imported with kiki are given an annotation \"usage@\" which"
+            ,"        indicates what the key is for.  This tag can be used as a SPEC to select a"
+            ,"        particular key. If a specifed PEM file contains a novel key for an existing"
+            ,"        tag, it will import the new key and you will have multiple keys with the same"
+            ,"        tag."
+            ,""
+            ,"        Your OpenGPG keyring contains time stamps for each subkey. Timestamps of newly"
+            ,"        imported keys will reflect the mtimes of the files from which they were imported."
+            ,"        In the case that the key already exists in your OpenGPG keyring as well as in one"
+            ,"        of the specified files, the timestamp in your OpenGPG keyring is not updated."
+            ,""
            ,"        Note that this option is implicit if no options documented in this section"
            ,"        were specified.  See 'kiki help spec' for more information."
            ,""
author	James Crayne <jim.crayne@gmail.com>	2015-06-23 20:12:26 -0400
committer	James Crayne <jim.crayne@gmail.com>	2015-06-23 20:12:26 -0400
commit	317fd83c64e207974a0b8a0d2943b3b49800d6bb (patch)
tree	2180089f2980b0cc5b66bc08cb776c8a7a3b1493 /kiki.hs
parent	be560ff09484e5c806d8c18bd922b014885d115b (diff)

diff --git a/kiki.hs b/kiki.hs index 498f41e..8d13f6b 100644 --- a/kiki.hs +++ b/kiki.hs
@@ -511,21 +511,38 @@ kiki_usage bSecret cmd = putStr $
511	,"kiki sync-secret FLAGS [--keypairs KEYSPEC ...] [--keyrings FILE ...] [--hosts FILE ...]"	511	,"kiki sync-secret FLAGS [--keypairs KEYSPEC ...] [--keyrings FILE ...] [--hosts FILE ...]"
512	," [--wallets FILE ...]"	512	," [--wallets FILE ...]"
513	,""	513	,""
514	," sync-secret merges a set of key files into a combined database and then"	514	," sync-secret syncs the information inside your OpenGPG keyring with information"
515	," uses the database to update all the input files, those inside and outside of"	515	," in other files. Information flows both in and out of your keyring."
516	," of the home directory (see --homedir), to have the most complete information."	516	,""
		517	," sync-secret works by first creating a combined database containing all information"
		518	," and then updating all files (including OpenGPG files, as well as files specified as"
		519	," arguments to the options --keyrings, --wallets, and --hosts) with information from"
		520	," from the combined database."
		521	,""
		522	," Master keys in keyring files are fleshed out with all known subkeys"
		523	," in any file in which they appear. Ordinarily, if a file does not contain the master key"
		524	," already, it will not be added. However, in the case of --import or --import-if-authentic"
		525	," new master keys may be added to your OpenGPG keyring."
		526	,""
		527	," Cryptocoin keys in wallet files are fleshed out with all CryptoCoin subkeys of the working"
		528	," key. The working key is updated with new CryptoCoin subkeys from all specified wallets."
		529	," Ordinarily, only one wallet is specified on the command line. If multiple wallets are"
		530	," specified, they will all have the same keys after the the operation completes."
		531	,""
		532	," The --hosts option is experimental and may be removed in the future. Any files given"
		533	," as arguments to this option will be assumed to be in the format /etc/hosts, and will"
		534	," be updated with any hostname information currently stored within your OpenGPG keyring."
		535	," Additionally, if the file has hostnames for the ip corresponding to a master key, then"
		536	," then the mastekey is updated with unsigned annotations recording the additional hostnames."
		537	," Warning: this effects all master keys, regardless of whether they have secret key"
		538	," information, hence the annotations being unsigned."
517	,""	539	,""
518	," The files pubring.gpg and secring.gpg in the directory specified by the"	540	," The files pubring.gpg and secring.gpg in the directory specified by the"
519	," --homedir option are implicitly included in the keyring set even if they"	541	," --homedir option are implicitly included in the keyring set even if they"
520	," are not included after the --keyrings option."	542	," are not included after the --keyrings option."
521	,""	543	,""
522	," Subkeys that are imported with kiki are given an annotation \"usage@\" which"	544	," If KEYSPEC arguments appear prior to any of --keyrings, --wallets, or --hosts,"
523	," indicates what the key is for. This tag can be used as a SPEC to select a"	545	," then they are interpretted as if arguments to --keypairs."
524	," particular key. Master keys may be specified by using fingerprints or by"
525	," specifying a substring of an associated UID."
526	,""
527	," If no \"INPUT FILE\" options (documented below) are specified, then arguments"
528	," are implicitly interpreted as being KEYSPECs for the --keypairs option."
529	,""	546	,""
530	,"FLAGS"	547	,"FLAGS"
531	," --help Gives usage information"	548	," --help Gives usage information"
@@ -557,6 +574,25 @@ kiki_usage bSecret cmd = putStr $
557	," --keypairs [KEYSPEC ...]"	574	," --keypairs [KEYSPEC ...]"
558	," KEYSPEC := tag '=' file '{' <shell command to create key file> '}'"	575	," KEYSPEC := tag '=' file '{' <shell command to create key file> '}'"
559	," \| tag '=' file"	576	," \| tag '=' file"
		577
		578	," Specify the paths of private PEM files which either currently contain"
		579	," keys to be imported, or lack keys to be exported. If your working key"
		580	," has no subkey with the given tag, and the file is empty or does not exist,"
		581	," and a shell command is specified in braces, then the shell command will be "
		582	," executed in a modified environment with the expectation of creating the PEM"
		583	," file for import."
		584	,""
		585	," Subkeys that are imported with kiki are given an annotation \"usage@\" which"
		586	," indicates what the key is for. This tag can be used as a SPEC to select a"
		587	," particular key. If a specifed PEM file contains a novel key for an existing"
		588	," tag, it will import the new key and you will have multiple keys with the same"
		589	," tag."
		590	,""
		591	," Your OpenGPG keyring contains time stamps for each subkey. Timestamps of newly"
		592	," imported keys will reflect the mtimes of the files from which they were imported."
		593	," In the case that the key already exists in your OpenGPG keyring as well as in one"
		594	," of the specified files, the timestamp in your OpenGPG keyring is not updated."
		595	,""
560	," Note that this option is implicit if no options documented in this section"	596	," Note that this option is implicit if no options documented in this section"
561	," were specified. See 'kiki help spec' for more information."	597	," were specified. See 'kiki help spec' for more information."
562	,""	598	,""