On Sun, Mar 27, 2011 at 11:14 AM, Ray Kohler <ataraxia937@gmail.com> wrote:
Use mode 755, so non-root users can see inside. Add "--no-permission-warning" to GPG_PACMAN to suppress the noise that otherwise comes of not using mode 700 - this is not private data.
GPGme turns out not to issue this warning itself, so no problem there.
TODO: should non-root users be allowed to use the read-only operations (--list, --export, --finger)? I would say yes- is there any reason not to allow them to?
Signed-off-by: Ray Kohler <ataraxia937@gmail.com> --- scripts/pacman-key.sh.in | 7 ++++++- 1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 5746e64..89e52fc 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -244,7 +244,12 @@ fi if [[ GPGDIR=$(find_config "GPGDir") == 0 ]]; then PACMAN_KEYRING_DIR="${GPGDIR}" fi -GPG_PACMAN="gpg --homedir ${PACMAN_KEYRING_DIR}" +GPG_PACMAN="gpg --homedir ${PACMAN_KEYRING_DIR} --no-permission-warning" + +# Try to create $PACMAN_KEYRING_DIR if non-existent +# Check for simple existence rather than for a directory as someone may want +# to use a symlink here +[[ -e ${PACMAN_KEYRING_DIR} ]] || mkdir -p -m 755 "${PACMAN_KEYRING_DIR}"
# Parse and execute command command="$1" -- 1.7.4.1