self=parcimini # Base interval between key retrievals from first arg; default 20 mins interval=${1:-1200} # Check we have gpg2 and shuf, neither of which are POSIX hash gpg2 || exit hash shuf || exit # Make a temporary file for the key listings, delete on exit trap 'rm -f "$list"' EXIT list=$(mktemp) || exit # Define a function to retrieve all keychain fingerprints key_ids() { gpg2 --batch --no-tty --list-keys --with-colons | awk 'BEGIN { FS = ":" } $1 == "pub" { pub = 1 ; next } $1 == "fpr" && pub { pub = 0 ; key_ids[$(NF-1)]++ } END { for (key_id in key_ids) print key_id }' } # Log process start printf >&2 '%s: Started; base interval %u seconds.\n' \ "$self" "$interval" # While we're able to write the key list to the file, refresh all of them while key_ids > "$list" ; do printf >&2 '%s: Beginning new round; %u key IDs found.\n' \ "$self" "$(sed '$=;d' "$list")" # Shuffle list and read each ID shuf "$list" | while read -r key_id ; do # Sleep for a random interval spell=$((RANDOM % interval + 1)) printf >&2 '%s: Sleeping for %u seconds...\n' \ "$self" "$spell" sleep "$spell" # Retrieve key printf >&2 '%s: Retrieving key %s...\n' \ "$self" "$key_id" gpg2 --batch --no-tty --recv-key "$key_id" done done