[arch-projects] [devtools] [PATCH 7/7] makechrootpkg: Put "keyserver-options auto-key-retrieve" in gpg.conf

Luke Shumaker lukeshu at lukeshu.com
Mon Jan 15 16:57:59 UTC 2018

From: Luke Shumaker <lukeshu at parabola.nu>

This allows signature verification by `makepkg --verifysource`, `git
verify-tag`, and such without requiring the user to manually retrieve
the keys first.

This is based off of devtools32 commit 009695b (2017-06-27) by
Erich Eckner <git at eckner.net>.  There are 2 differences from that
 - In this version, gpg.conf is owned by builduser, not by root
 - In this version, we don't keep appending duplicate lines if we
   re-use a chroot
 makechrootpkg.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makechrootpkg.in b/makechrootpkg.in
index a6c54cc..d2a0477 100644
--- a/makechrootpkg.in
+++ b/makechrootpkg.in
@@ -186,6 +186,7 @@ prepare_chroot() {
 		[[ -r $USER_HOME/$x ]] || continue
 		$install -m 644 "$USER_HOME/$x" "$copydir/build/$x"
+	$install -m644 /dev/stdin "$copydir/build/.gnupg/gpg.conf" <<<'keyserver-options auto-key-retrieve'
 	sed -e '/^MAKEFLAGS=/d' -e '/^PACKAGER=/d' -i "$copydir/etc/makepkg.conf"
 	for x in BUILDDIR=/build PKGDEST=/pkgdest SRCPKGDEST=/srcpkgdest SRCDEST=/srcdest LOGDEST=/logdest \

More information about the arch-projects mailing list