summaryrefslogtreecommitdiffstats
path: root/meta/lib/oe/gpg_sign.py
diff options
context:
space:
mode:
authorJia Zhang <lans.zhang2008@gmail.com>2017-08-24 11:24:28 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-08-24 13:48:10 +0100
commitc0e0887001a898c71c7df92ad8e3df548fdccea9 (patch)
tree5f689e8f08f6143242a7640b27b6e17dce64bb62 /meta/lib/oe/gpg_sign.py
parent754ebff252568948bb75e5142ca524f8092d9dd0 (diff)
downloadpoky-c0e0887001a898c71c7df92ad8e3df548fdccea9.tar.gz
gpg_sign: depress the owership warnings on homedir
A gpg command, e.g, called by get_gpg_version(), may trigger such a warning: gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg' This sort of warning is harmless so it can be depressed through specifying --no-permission-warning. (From OE-Core rev: 0a740aa6f02deada56e0b7deb2bc1f7401e58726) Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/lib/oe/gpg_sign.py')
-rw-r--r--meta/lib/oe/gpg_sign.py12
1 files changed, 6 insertions, 6 deletions
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 008478dfeb..9cc88f020c 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -15,7 +15,7 @@ class LocalSigner(object):
15 15
16 def export_pubkey(self, output_file, keyid, armor=True): 16 def export_pubkey(self, output_file, keyid, armor=True):
17 """Export GPG public key to a file""" 17 """Export GPG public key to a file"""
18 cmd = '%s --batch --yes --export -o %s ' % \ 18 cmd = '%s --no-permission-warning --batch --yes --export -o %s ' % \
19 (self.gpg_bin, output_file) 19 (self.gpg_bin, output_file)
20 if self.gpg_path: 20 if self.gpg_path:
21 cmd += "--homedir %s " % self.gpg_path 21 cmd += "--homedir %s " % self.gpg_path
@@ -31,7 +31,7 @@ class LocalSigner(object):
31 """Sign RPM files""" 31 """Sign RPM files"""
32 32
33 cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid 33 cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid
34 gpg_args = '--batch --passphrase=%s' % passphrase 34 gpg_args = '--no-permission-warning --batch --passphrase=%s' % passphrase
35 if self.gpg_version > (2,1,): 35 if self.gpg_version > (2,1,):
36 gpg_args += ' --pinentry-mode=loopback' 36 gpg_args += ' --pinentry-mode=loopback'
37 cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args 37 cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args
@@ -58,8 +58,8 @@ class LocalSigner(object):
58 if passphrase_file and passphrase: 58 if passphrase_file and passphrase:
59 raise Exception("You should use either passphrase_file of passphrase, not both") 59 raise Exception("You should use either passphrase_file of passphrase, not both")
60 60
61 cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes', 61 cmd = [self.gpg_bin, '--detach-sign', '--no-permission-warning', '--batch',
62 '--passphrase-fd', '0', '-u', keyid] 62 '--no-tty', '--yes', '--passphrase-fd', '0', '-u', keyid]
63 63
64 if self.gpg_path: 64 if self.gpg_path:
65 cmd += ['--homedir', self.gpg_path] 65 cmd += ['--homedir', self.gpg_path]
@@ -98,7 +98,7 @@ class LocalSigner(object):
98 """Return the gpg version as a tuple of ints""" 98 """Return the gpg version as a tuple of ints"""
99 import subprocess 99 import subprocess
100 try: 100 try:
101 ver_str = subprocess.check_output((self.gpg_bin, "--version")).split()[2].decode("utf-8") 101 ver_str = subprocess.check_output((self.gpg_bin, "--version", "--no-permission-warning")).split()[2].decode("utf-8")
102 return tuple([int(i) for i in ver_str.split('.')]) 102 return tuple([int(i) for i in ver_str.split('.')])
103 except subprocess.CalledProcessError as e: 103 except subprocess.CalledProcessError as e:
104 raise bb.build.FuncFailed("Could not get gpg version: %s" % e) 104 raise bb.build.FuncFailed("Could not get gpg version: %s" % e)
@@ -106,7 +106,7 @@ class LocalSigner(object):
106 106
107 def verify(self, sig_file): 107 def verify(self, sig_file):
108 """Verify signature""" 108 """Verify signature"""
109 cmd = self.gpg_bin + " --verify " 109 cmd = self.gpg_bin + " --verify --no-permission-warning "
110 if self.gpg_path: 110 if self.gpg_path:
111 cmd += "--homedir %s " % self.gpg_path 111 cmd += "--homedir %s " % self.gpg_path
112 cmd += sig_file 112 cmd += sig_file