[pacman-dev] Setting HOME in build() breaks package signing

Eli Schwartz eschwartz at archlinux.org
Tue May 5 20:40:52 UTC 2020

On 5/5/20 4:11 PM, brainpower wrote:

> This made me wonder:
> Is this something makepkg should take care of (e.g.by restoring $HOME after build() or ensuring gpg will use $OLDHOME/.gnupg)
> or should such a PKGBUILD be considered broken / invalid?


> $ cat PKGBUILD
> pkgname=broken-home
> pkgver=1
> pkgrel=1
> arch=('any')
> build() {
>   export HOME="${srcdir}/tmphome"
> }
I would argue this should probably be a 'local' variable. e.g.

build() {
    local HOME="${srcdir}/tmphome"

Since HOME is previously marked as exportable, it is still getting
exported, and modifying an exported variable causes the changes to be
picked up. So this is identical:

export somevar


export somevar=foo


export somevar

And the 'local' attribute coexists with the exported attribute:

$ foo() { declare -p somevar; local somevar=foo; export somevar; env | \
  grep somevar; declare -p somevar; }; foo
bash: declare: somevar: not found
declare -x somevar="foo"
$ declare -p somevar
bash: declare: somevar: not found

Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/pacman-dev/attachments/20200505/c1adb25f/attachment.sig>

More information about the pacman-dev mailing list