From 0565cebfc387be67e0daac73a4d0a312965ca1d3 Mon Sep 17 00:00:00 2001 From: Eric Renfro via pacman-dev Date: Tue, 27 Feb 2018 08:27:49 -0500 Subject: Added gpg-agent.conf to disable the gnupg scdaemon This fixes an issue where smartcards, such a Yubikey, would cause the keyring to fail locally signing, thus also failing to verify signed packages. Signed-off-by: Eric Renfro Signed-off-by: Allan McRae --- scripts/pacman-key.sh.in | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'scripts') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index d6bc6be3..060d8369 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -210,6 +210,12 @@ initialize() { add_gpg_conf_option "$conffile" 'lock-never' add_gpg_conf_option "$conffile" 'keyserver-options' 'timeout=10' + # gpg-agent.conf + agent_conffile="${PACMAN_KEYRING_DIR}/gpg-agent.conf" + [[ -f $agent_conffile ]] || touch "$agent_conffile" + chmod 644 "$agent_conffile" + add_gpg_conf_option "$agent_conffile" 'disable-scdaemon' + # set up a private signing key (if none available) if [[ $(secret_keys_available) -lt 1 ]]; then generate_master_key -- cgit v1.2.3-70-g09d2