diff options
| author | Eric Renfro via pacman-dev <pacman-dev@archlinux.org> | 2018-02-27 14:27:49 +0100 |
|---|---|---|
| committer | Allan McRae <allan@archlinux.org> | 2018-03-14 08:45:08 +0100 |
| commit | 0565cebfc387be67e0daac73a4d0a312965ca1d3 (patch) | |
| tree | 98eebd1248709ea57d68122209e11a84b1bfaedb | |
| parent | 3e619ccffe585ddf19b1faa053ff46654d2b8a48 (diff) | |
| download | pacman-0565cebfc387be67e0daac73a4d0a312965ca1d3.tar.gz pacman-0565cebfc387be67e0daac73a4d0a312965ca1d3.tar.xz | |
Added gpg-agent.conf to disable the gnupg scdaemon
This fixes an issue where smartcards, such a Yubikey, would cause the
keyring to fail locally signing, thus also failing to verify signed
packages.
Signed-off-by: Eric Renfro <psi-jack@linux-help.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
| -rw-r--r-- | scripts/pacman-key.sh.in | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index d6bc6be3..060d8369 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -210,6 +210,12 @@ initialize() { add_gpg_conf_option "$conffile" 'lock-never' add_gpg_conf_option "$conffile" 'keyserver-options' 'timeout=10' + # gpg-agent.conf + agent_conffile="${PACMAN_KEYRING_DIR}/gpg-agent.conf" + [[ -f $agent_conffile ]] || touch "$agent_conffile" + chmod 644 "$agent_conffile" + add_gpg_conf_option "$agent_conffile" 'disable-scdaemon' + # set up a private signing key (if none available) if [[ $(secret_keys_available) -lt 1 ]]; then generate_master_key |