On 02/14/18 15:20, gpg at mdsresource.net (helices) wrote: > CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer. > > We want to move to v2.2.x, and stay current, but we don't want to download > source and compile for dozens of systems.
I had a similar need (because my users started to use ECC keys). Unfortunately, there are no simple answers to this -- to upgrade GnuPG you would need to upgrade the libraries it depends on (such as libgcrypt, libassuan, etc), and this cascades to a lot of other things. I suggest you build gnupg-2.2 without shared libraries and make it available under /opt/gnupg22: make build-aux/speedo.mk native INSTALL_DIR=/opt/gnupg22 LDFLAGS=-static (if someone can recommend a better way that only statically links gnupg's own libraries like libassuan and libgpg-error, but uses shared objects for other system libraries, please let me know, as I didn't find any quickie ways to do it!) You will need to install at least glibc-static for this, alongside all other compilation tools. Alternatively, you can build and RPM that does the same thing -- with the bonus that you don't need to build it statically if you set it up to correctly handle LD_LIBRARY_PATH bits. > We want all users to be using the same version all of the time. Is that for documentation purposes, or because you need features from gnupg-2.2 that aren't in gnupg-2.0? Best, -- Konstantin Ryabitsev Director, IT Infrastructure Security The Linux Foundation
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users