Am 02.06.2011 00:41, schrieb Dan McGee: > So my questions are: > 1. Does anyone else have experience with a shared among users keyring? > 2. What is best/secure practice when it comes to this? Outside of > --lock-never, yum does something that seems silly, but works- make a > user-owned copy of the entire keyring directory and then uses that. > 3. gpgme doesn't allow us to bypass the trustdb.gpg locking; is there > any possibility of allowing gpgme to run with --lock-never in a > read-only mode? > I'd try not relocating the homedir, but only the keyring location. If you have a means of distributing a gpg.conf to everyone's home directory, you could insert no-default-keyring keyring /etc/pacman.d/gnupg
Not sure about the secret keyring, though. It should not try to use ~/.gnupg/secring.gpg, so trying to import a secret key or generate a new one should give an error. I assume that's what you intend. A home directory with wrong permissions and/or read-only is granted to give problems with various applications. Bye, Andreas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users