diff options
| author | nl6720 <nl6720@gmail.com> | 2022-11-26 21:35:38 +0200 |
|---|---|---|
| committer | nl6720 <nl6720@gmail.com> | 2022-12-06 12:55:13 +0200 |
| commit | d31f38843ac0cb803561b0dbe976a3189ac0191c (patch) | |
| tree | 395cc027f7992f6b0eb69b1d53e923c69a3e6c96 | |
| parent | 4ee6fdc1eab278485e13590c47c33db27de4efe5 (diff) | |
| download | archiso-d31f38843ac0cb803561b0dbe976a3189ac0191c.tar.gz archiso-d31f38843ac0cb803561b0dbe976a3189ac0191c.tar.bz2 | |
mkarchiso: do not try to use an non existent GPG public key file
The `bootstrap` build mode never calls `_export_gpg_publickey`, so even if
the GPG key is passed with the `-g` option and thus the `gpg_key` variable
is set, the `${work_dir}/pubkey.gpg` file will not exist.
This has not caused any issue so far because the `ARCHISO_GNUPG_FD` file
descriptor opens the file for both reading and writing, which means the
file gets created if it does not exist.
Assign the exported public key file name to a `gpg_publickey` variable in
`_export_gpg_publickey` and check for it when the file is used.
Since the exist status of the gpg command cannot be checked, look for the
exported public key file instead.
| -rw-r--r-- | CHANGELOG.rst | 2 | ||||
| -rwxr-xr-x | archiso/mkarchiso | 12 |
2 files changed, 9 insertions, 5 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 5115cb1..982c722 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -12,6 +12,8 @@ Added Changed ------- +- Check if the GPG public key file was successfully placed in the work directory before trying to use it. + Removed ------- diff --git a/archiso/mkarchiso b/archiso/mkarchiso index 30c1e06..9000044 100755 --- a/archiso/mkarchiso +++ b/archiso/mkarchiso @@ -335,8 +335,8 @@ _make_custom_airootfs() { _make_packages() { _msg_info "Installing packages to '${pacstrap_dir}/'..." - if [[ -n "${gpg_key}" ]]; then - exec {ARCHISO_GNUPG_FD}<>"${work_dir}/pubkey.gpg" + if [[ -v gpg_publickey ]]; then + exec {ARCHISO_GNUPG_FD}<>"$gpg_publickey" export ARCHISO_GNUPG_FD fi if [[ -v cert_list[0] ]]; then @@ -364,7 +364,7 @@ _make_packages() { exec {ARCHISO_TLSCA_FD}<&- unset ARCHISO_TLSCA_FD fi - if [[ -n "${gpg_key}" ]]; then + if [[ -v gpg_publickey ]]; then exec {ARCHISO_GNUPG_FD}<&- unset ARCHISO_GNUPG_FD fi @@ -1614,8 +1614,10 @@ _set_overrides() { } _export_gpg_publickey() { - rm -f -- "${work_dir}/pubkey.gpg" - gpg --batch --no-armor --output "${work_dir}/pubkey.gpg" --export "${gpg_key}" + gpg_publickey="${work_dir}/pubkey.gpg" + rm -f -- "$gpg_publickey" + gpg --batch --no-armor --output "$gpg_publickey" --export "${gpg_key}" + [[ -s "$gpg_publickey" ]] || return } _make_version() { |