Message ID | 20180227161529.1637-1-me@aimileus.nl |
---|---|
State | Accepted |
Headers | show |
Le 27/02/2018 à 17:16, Emiel Wiedijk via arch-projects a écrit : > Previously, makechrootpkg hardcoded ~/.gnupg. Therefore, if a user > uses a custom GPG home directory, the siganture checking would fail. > Now makechrootpkg uses $GNUPGHOME, with a fallback to ~/.gnupg. > > Signed-off-by: Emiel Wiedijk <me@aimileus.nl> > --- > makechrootpkg.in | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/makechrootpkg.in b/makechrootpkg.in > index afcd121..653847f 100644 > --- a/makechrootpkg.in > +++ b/makechrootpkg.in > @@ -252,7 +252,8 @@ download_sources() { > chmod 1777 "$builddir" > > # Ensure sources are downloaded > - sudo -u "$makepkg_user" env SRCDEST="$SRCDEST" BUILDDIR="$builddir" \ > + sudo -u "$makepkg_user" --preserve-env=GNUPGHOME \ > + env SRCDEST="$SRCDEST" BUILDDIR="$builddir" \ > makepkg --config="$copydir/etc/makepkg.conf" --verifysource -o || > die "Could not download sources." > > @@ -341,7 +342,7 @@ main() { > [[ -n $makepkg_user && -z $(id -u "$makepkg_user") ]] && die 'Invalid makepkg user.' > makepkg_user=${makepkg_user:-${SUDO_USER:-$USER}} > > - check_root SOURCE_DATE_EPOCH > + check_root SOURCE_DATE_EPOCH,GNUPGHOME > > # Canonicalize chrootdir, getting rid of trailing / > chrootdir=$(readlink -e "$passeddir") Does not seem to work for me: GNUPGHOME=/path/to/svn-community/.gnupg/ extra-x86_64-build … ==> Verifying source file signatures with gpg... flickcurl-1.26.tar.gz ... FAILED (unknown public key 43EC92504F71955A) … (I have previously retrieved this key using `GNUPGHOME=/path/to/svn-community/.gnupg/ gpg --recv-keys 43EC92504F71955A` of course)
diff --git a/makechrootpkg.in b/makechrootpkg.in index afcd121..653847f 100644 --- a/makechrootpkg.in +++ b/makechrootpkg.in @@ -252,7 +252,8 @@ download_sources() { chmod 1777 "$builddir" # Ensure sources are downloaded - sudo -u "$makepkg_user" env SRCDEST="$SRCDEST" BUILDDIR="$builddir" \ + sudo -u "$makepkg_user" --preserve-env=GNUPGHOME \ + env SRCDEST="$SRCDEST" BUILDDIR="$builddir" \ makepkg --config="$copydir/etc/makepkg.conf" --verifysource -o || die "Could not download sources." @@ -341,7 +342,7 @@ main() { [[ -n $makepkg_user && -z $(id -u "$makepkg_user") ]] && die 'Invalid makepkg user.' makepkg_user=${makepkg_user:-${SUDO_USER:-$USER}} - check_root SOURCE_DATE_EPOCH + check_root SOURCE_DATE_EPOCH,GNUPGHOME # Canonicalize chrootdir, getting rid of trailing / chrootdir=$(readlink -e "$passeddir")
Previously, makechrootpkg hardcoded ~/.gnupg. Therefore, if a user uses a custom GPG home directory, the siganture checking would fail. Now makechrootpkg uses $GNUPGHOME, with a fallback to ~/.gnupg. Signed-off-by: Emiel Wiedijk <me@aimileus.nl> --- makechrootpkg.in | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)