diff mbox

[pacman-dev] Added gpg-agent.conf to disable the gnupg scdaemon This fixes an issue where smartcards, such a Yubikey, would cause the keyring to fail locally signing, thus also failing to verify signed packages.

Message ID 20180227051618.8028-1-psi-jack@linux-help.org
State Superseded, archived
Headers show

Commit Message

Geert Hendrickx via pacman-dev Feb. 27, 2018, 5:16 a.m. UTC
Signed-off-by: Eric Renfro <psi-jack@linux-help.org>
---
 scripts/pacman-key.sh.in | 6 ++++++
 1 file changed, 6 insertions(+)
diff mbox

Patch

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 5bf6c7a1..72b64aa4 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -210,6 +210,12 @@  initialize() {
 	add_gpg_conf_option "$conffile" 'lock-never'
 	add_gpg_conf_option "$conffile" 'keyserver-options' 'timeout=10'
 
+	# gpg-agent.conf
+	agent_conffile="${PACMAN_KEYRING_DIR}/gpg-agent.conf"
+	[[ -f $agent_conffile ]] || touch "$agent_conffile"
+	chmod 644 "$agent_conffile"
+	add_gpg_conf_option "$agent_conffile" 'disable-scdaemon'
+
 	# set up a private signing key (if none available)
 	if [[ $(secret_keys_available) -lt 1 ]]; then
 		generate_master_key