[arch-projects] [devtools] makechrootpkg: respect GNUPGHOME
Emiel Wiedijk
me at aimileus.nl
Tue Feb 27 10:41:59 UTC 2018
> On 02/26/2018 02:03 PM, Emiel Wiedijk via arch-projects wrote:
>
> > Previously, makechrootpkg hardcoded ~/.gnupg. Therefore, if a user
> >
> > uses a custom GPG home directory, the siganture checking would fail.
> >
> > Now makechrootpkg uses $GNUPGHOME, with a fallback to ~/.gnupg.
>
> There is no signature checking in the chroot, see
>
> https://lists.archlinux.org/pipermail/arch-projects/2018-January/004709.html
>
>
> -----------------------------------------------------------------------------------------------------------------------------------
>
> Eli Schwartz
>
> Bug Wrangler and Trusted User
Correct, but makepkg --verifysource is run with sudo -u $myuser, and sudo
resets the environment. And the code that copies ~/.gnupg to the chroot
apparantly hasn't been removed yet (as of 38c7a391b043547b946a99731a56a233458ba7a2).
I just assumed (apparantly wrongly) that it was for GnuPG related tasks in the
PKGBUILD, and adjusted the code to copy the correct directory.
Emiel Wiedijk
More information about the arch-projects
mailing list