gpg_sign: depress the owership warnings on homedir

A gpg command, e.g, called by get_gpg_version(), may trigger such a warning: gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg' This sort of warning is harmless so it can be depressed through specifying --no-permission-warning. (From OE-Core rev: 0a740aa6f02deada56e0b7deb2bc1f7401e58726) Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Jia Zhang <lans.zhang2008@gmail.com> 2017-08-24 11:24:28 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-08-24 13:48:10 +0100
commit: c0e0887001a898c71c7df92ad8e3df548fdccea9 (patch)
tree: 5f689e8f08f6143242a7640b27b6e17dce64bb62 /meta/lib/oe/gpg_sign.py
parent: 754ebff252568948bb75e5142ca524f8092d9dd0 (diff)
download: poky-c0e0887001a898c71c7df92ad8e3df548fdccea9.tar.gz
1 files changed, 6 insertions, 6 deletions
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 008478dfeb..9cc88f020c 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -15,7 +15,7 @@ class LocalSigner(object):
    def export_pubkey(self, output_file, keyid, armor=True):
        """Export GPG public key to a file"""
-        cmd = '%s --batch --yes --export -o %s ' % \
+        cmd = '%s --no-permission-warning --batch --yes --export -o %s ' % \
                (self.gpg_bin, output_file)
        if self.gpg_path:
            cmd += "--homedir %s " % self.gpg_path
@@ -31,7 +31,7 @@ class LocalSigner(object):
        """Sign RPM files"""
        cmd = self.rpm_bin + " --addsign --define '_gpg_name %s'  " % keyid
-        gpg_args = '--batch --passphrase=%s' % passphrase
+        gpg_args = '--no-permission-warning --batch --passphrase=%s' % passphrase
        if self.gpg_version > (2,1,):
            gpg_args += ' --pinentry-mode=loopback'
        cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args
@@ -58,8 +58,8 @@ class LocalSigner(object):
        if passphrase_file and passphrase:
            raise Exception("You should use either passphrase_file of passphrase, not both")
-        cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes',
+        cmd = [self.gpg_bin, '--detach-sign', '--no-permission-warning', '--batch',
-               '--passphrase-fd', '0', '-u', keyid]
+               '--no-tty', '--yes', '--passphrase-fd', '0', '-u', keyid]
        if self.gpg_path:
            cmd += ['--homedir', self.gpg_path]
@@ -98,7 +98,7 @@ class LocalSigner(object):
        """Return the gpg version as a tuple of ints"""
        import subprocess
        try:
-            ver_str = subprocess.check_output((self.gpg_bin, "--version")).split()[2].decode("utf-8")
+            ver_str = subprocess.check_output((self.gpg_bin, "--version", "--no-permission-warning")).split()[2].decode("utf-8")
            return tuple([int(i) for i in ver_str.split('.')])
        except subprocess.CalledProcessError as e:
            raise bb.build.FuncFailed("Could not get gpg version: %s" % e)
@@ -106,7 +106,7 @@ class LocalSigner(object):
    def verify(self, sig_file):
        """Verify signature"""
-        cmd = self.gpg_bin + " --verify "
+        cmd = self.gpg_bin + " --verify --no-permission-warning "
        if self.gpg_path:
            cmd += "--homedir %s " % self.gpg_path
        cmd += sig_file
author	Jia Zhang <lans.zhang2008@gmail.com>	2017-08-24 11:24:28 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-24 13:48:10 +0100
commit	c0e0887001a898c71c7df92ad8e3df548fdccea9 (patch)
tree	5f689e8f08f6143242a7640b27b6e17dce64bb62 /meta/lib/oe/gpg_sign.py
parent	754ebff252568948bb75e5142ca524f8092d9dd0 (diff)
download	poky-c0e0887001a898c71c7df92ad8e3df548fdccea9.tar.gz

diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py index 008478dfeb..9cc88f020c 100644 --- a/meta/lib/oe/gpg_sign.py +++ b/meta/lib/oe/gpg_sign.py
@@ -15,7 +15,7 @@ class LocalSigner(object):
15		15
16	def export_pubkey(self, output_file, keyid, armor=True):	16	def export_pubkey(self, output_file, keyid, armor=True):
17	"""Export GPG public key to a file"""	17	"""Export GPG public key to a file"""
18	cmd = '%s --batch --yes --export -o %s ' % \	18	cmd = '%s --no-permission-warning --batch --yes --export -o %s ' % \
19	(self.gpg_bin, output_file)	19	(self.gpg_bin, output_file)
20	if self.gpg_path:	20	if self.gpg_path:
21	cmd += "--homedir %s " % self.gpg_path	21	cmd += "--homedir %s " % self.gpg_path
@@ -31,7 +31,7 @@ class LocalSigner(object):
31	"""Sign RPM files"""	31	"""Sign RPM files"""
32		32
33	cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid	33	cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid
34	gpg_args = '--batch --passphrase=%s' % passphrase	34	gpg_args = '--no-permission-warning --batch --passphrase=%s' % passphrase
35	if self.gpg_version > (2,1,):	35	if self.gpg_version > (2,1,):
36	gpg_args += ' --pinentry-mode=loopback'	36	gpg_args += ' --pinentry-mode=loopback'
37	cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args	37	cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args
@@ -58,8 +58,8 @@ class LocalSigner(object):
58	if passphrase_file and passphrase:	58	if passphrase_file and passphrase:
59	raise Exception("You should use either passphrase_file of passphrase, not both")	59	raise Exception("You should use either passphrase_file of passphrase, not both")
60		60
61	cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes',	61	cmd = [self.gpg_bin, '--detach-sign', '--no-permission-warning', '--batch',
62	'--passphrase-fd', '0', '-u', keyid]	62	'--no-tty', '--yes', '--passphrase-fd', '0', '-u', keyid]
63		63
64	if self.gpg_path:	64	if self.gpg_path:
65	cmd += ['--homedir', self.gpg_path]	65	cmd += ['--homedir', self.gpg_path]
@@ -98,7 +98,7 @@ class LocalSigner(object):
98	"""Return the gpg version as a tuple of ints"""	98	"""Return the gpg version as a tuple of ints"""
99	import subprocess	99	import subprocess
100	try:	100	try:
101	ver_str = subprocess.check_output((self.gpg_bin, "--version")).split()[2].decode("utf-8")	101	ver_str = subprocess.check_output((self.gpg_bin, "--version", "--no-permission-warning")).split()[2].decode("utf-8")
102	return tuple([int(i) for i in ver_str.split('.')])	102	return tuple([int(i) for i in ver_str.split('.')])
103	except subprocess.CalledProcessError as e:	103	except subprocess.CalledProcessError as e:
104	raise bb.build.FuncFailed("Could not get gpg version: %s" % e)	104	raise bb.build.FuncFailed("Could not get gpg version: %s" % e)
@@ -106,7 +106,7 @@ class LocalSigner(object):
106		106
107	def verify(self, sig_file):	107	def verify(self, sig_file):
108	"""Verify signature"""	108	"""Verify signature"""
109	cmd = self.gpg_bin + " --verify "	109	cmd = self.gpg_bin + " --verify --no-permission-warning "
110	if self.gpg_path:	110	if self.gpg_path:
111	cmd += "--homedir %s " % self.gpg_path	111	cmd += "--homedir %s " % self.gpg_path
112	cmd += sig_file	112	cmd += sig_file