[elbe-devel] [PATCH 1/1] command init: don't use user's gnupg configuration file

Torben Hohn torben.hohn at linutronix.de
Fri Aug 23 13:40:49 CEST 2019 

On Fri, Aug 23, 2019 at 12:18:22PM +0200, bage at linutronix.de wrote:
> From: Andrey Skvortsov <andrej.skvortzov at gmail.com>
> 
> if user's gnupg configuration file contained options to include
> other keyrings, then 'elbe-keyring' wasn't created at all
> 
> gpg error message if gnupg conf has keyring option:
> gpg: keyblock resource
> '.../elbe/initvm/.elbe-in/elbe-keyring':
> No such file or directory
> gpg: key 0x36AA35FF22BB8F84: 1 signature not checked due to a missing key
> gpg: no writable keyring found: Not found
> gpg: error reading '[stdin]': General error
> gpg: import from '[stdin]' failed: General error
> gpg: Total number processed: 0
> 
> Because of that resulting 'elbe-keyring.gpg' didn't had any
> PGP keys specified in initvm.xml file.
> 
> Another problem is that without '--no-options' keys from other
> user-defined keyrings leaked into resulting elbe-keyring.gpg installed
> into build vm.
> 
> Closes #233
> 
> Signed-off-by: Andrey Skvortsov <andrej.skvortzov at gmail.com>
> Signed-off-by: Bastian Germann <bage at linutronix.de>

Reviewed-by: Torben Hohn <torben.hohn at linutronix.de>
`
> ---
>  elbepack/commands/init.py | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/elbepack/commands/init.py b/elbepack/commands/init.py
> index c922168c..ec4aa2fd 100644
> --- a/elbepack/commands/init.py
> +++ b/elbepack/commands/init.py
> @@ -230,10 +230,10 @@ def run_command(argv):
>          for key in xml.all(".//initvm/mirror/url-list/url/raw-key"):
>              keys.append(key.et.text)
>          import_keyring = os.path.join(out_path, "elbe-keyring")
> -        command_out('gpg --no-default-keyring --keyring %s --import' % import_keyring,
> +        command_out('gpg --no-options --no-default-keyring --keyring %s --import' % import_keyring,
>                      stdin="".join(keys))
>          export_keyring = import_keyring + ".gpg"
> -        command_out('gpg --no-default-keyring --keyring %s --export --output %s' % (import_keyring,
> +        command_out('gpg --no-options --no-default-keyring --keyring %s --export --output %s' % (import_keyring,
>                                                                                      export_keyring))
>  
>      if opt.devel:
> -- 
> 2.20.1
> 
> 
> _______________________________________________
> elbe-devel mailing list
> elbe-devel at linutronix.de
> https://lists.linutronix.de/mailman/listinfo/elbe-devel

-- 
Torben Hohn
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99

Hinweise zum Datenschutz finden Sie hier (Informations on data privacy 
can be found here): https://linutronix.de/kontakt/Datenschutz.php

Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen | 
Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700 
806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner

More information about the elbe-devel mailing list