Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/archiso
diff options
context:
space:
mode:
authornl6720 <nl6720@gmail.com>2022-11-26 21:35:38 +0200
committernl6720 <nl6720@gmail.com>2022-12-06 12:55:13 +0200
commitd31f38843ac0cb803561b0dbe976a3189ac0191c (patch)
tree395cc027f7992f6b0eb69b1d53e923c69a3e6c96 /archiso
parent4ee6fdc1eab278485e13590c47c33db27de4efe5 (diff)
mkarchiso: do not try to use an non existent GPG public key file
The `bootstrap` build mode never calls `_export_gpg_publickey`, so even if the GPG key is passed with the `-g` option and thus the `gpg_key` variable is set, the `${work_dir}/pubkey.gpg` file will not exist. This has not caused any issue so far because the `ARCHISO_GNUPG_FD` file descriptor opens the file for both reading and writing, which means the file gets created if it does not exist. Assign the exported public key file name to a `gpg_publickey` variable in `_export_gpg_publickey` and check for it when the file is used. Since the exist status of the gpg command cannot be checked, look for the exported public key file instead.
Diffstat (limited to 'archiso')
-rwxr-xr-xarchiso/mkarchiso12
1 files changed, 7 insertions, 5 deletions
diff --git a/archiso/mkarchiso b/archiso/mkarchiso
index 30c1e06..9000044 100755
--- a/archiso/mkarchiso
+++ b/archiso/mkarchiso
@@ -335,8 +335,8 @@ _make_custom_airootfs() {
_make_packages() {
_msg_info "Installing packages to '${pacstrap_dir}/'..."
- if [[ -n "${gpg_key}" ]]; then
- exec {ARCHISO_GNUPG_FD}<>"${work_dir}/pubkey.gpg"
+ if [[ -v gpg_publickey ]]; then
+ exec {ARCHISO_GNUPG_FD}<>"$gpg_publickey"
export ARCHISO_GNUPG_FD
fi
if [[ -v cert_list[0] ]]; then
@@ -364,7 +364,7 @@ _make_packages() {
exec {ARCHISO_TLSCA_FD}<&-
unset ARCHISO_TLSCA_FD
fi
- if [[ -n "${gpg_key}" ]]; then
+ if [[ -v gpg_publickey ]]; then
exec {ARCHISO_GNUPG_FD}<&-
unset ARCHISO_GNUPG_FD
fi
@@ -1614,8 +1614,10 @@ _set_overrides() {
}
_export_gpg_publickey() {
- rm -f -- "${work_dir}/pubkey.gpg"
- gpg --batch --no-armor --output "${work_dir}/pubkey.gpg" --export "${gpg_key}"
+ gpg_publickey="${work_dir}/pubkey.gpg"
+ rm -f -- "$gpg_publickey"
+ gpg --batch --no-armor --output "$gpg_publickey" --export "${gpg_key}"
+ [[ -s "$gpg_publickey" ]] || return
}
_make_version() {