On Mon, 02.03.15 12:28, Peter Paule (systemd-de...@fedux.org) wrote:

> Quoting Lennart Poettering <lenn...@poettering.net>:
>
> >I wonder if we can use --trustdb-name /dev/null
>
> I think, no. I got a weird error using /dev/null
>
> % strace -e file -o /tmp/blub1 gpg --no-options --no-default-keyring
> --no-auto-key-locate --no-auto-check-trustdb --batch --trust-model=always
> --keyring=/usr/lib/systemd/import-pubring.gpg --verify
> ~/data/halde/signature.sig --trustdb-name /dev/null
> trusty-server-cloudimg-amd64-root.tar.gz
> gpg: Note: '--trustdb-name' is not considered an option
> gpg: can't open signed data '--trustdb-name'
> gpg: can't hash datafile: No such file or directory
>
> % strace -e file -o /tmp/blub1 gpg --no-options --no-default-keyring
> --no-auto-key-locate --no-auto-check-trustdb --batch --trust-model=always
> --keyring=/usr/lib/systemd/import-pubring.gpg --verify
> ~/data/halde/signature.sig trusty-server-cloudimg-amd64-root.tar.gz
> gpg: Signature made Sat 28 Feb 2015 02:07:02 CET using RSA key ID 7DB87C81
> gpg: BAD signature from "UEC Image Automatic Signing Key
> <cdim...@ubuntu.com>" [unknown]
I have now added some code to git that should make the logic work with both gpg 1 and gpg 2. I now create a throw-away home directory in /tmp to use with gpg's --homedir= parameter, and remove it right after gpg ran. gpg can then create whatever it wants there, and I'll remove it right after.

Lennart

--
Lennart Poettering, Red Hat
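The throw-away home directory approach described in the reply above, as an added shell example (not the code committed to systemd). The function name verify_detached and the GPG and KEYRING variables are assumptions made for illustration; the gpg options and the keyring path are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: verify a detached signature with a throw-away gpg home.
# GPG and KEYRING are assumed override points; the default keyring path
# is the one quoted in the thread.
GPG="${GPG:-gpg}"
KEYRING="${KEYRING:-/usr/lib/systemd/import-pubring.gpg}"

# verify_detached SIGNATURE DATAFILE
# Exit status is gpg's own (0 = good signature), or 2 if no temporary
# directory could be created. The body runs in a subshell so the cleanup
# trap cannot leak into the caller.
verify_detached() (
    sig=$1
    data=$2

    # mktemp -d creates the directory with mode 0700, so gpg does not
    # complain about unsafe permissions on its home directory.
    home=$(mktemp -d "${TMPDIR:-/tmp}/gpg-verify-XXXXXX") || exit 2

    # Remove whatever gpg created there (trustdb, keyrings, agent
    # sockets) on every exit path, including interruption.
    trap 'rm -rf -- "$home"' EXIT
    trap 'exit 129' HUP
    trap 'exit 130' INT
    trap 'exit 143' TERM

    # Every option goes before the file arguments: gpg stops parsing
    # options at the first non-option argument, which is why the trailing
    # --trustdb-name in the quoted session was read as a file name.
    "$GPG" --homedir="$home" \
        --no-options --no-default-keyring \
        --no-auto-key-locate --no-auto-check-trustdb \
        --batch --trust-model=always \
        --keyring="$KEYRING" \
        --verify "$sig" "$data"
)
```

Callers should branch on the exit status only, for example `verify_detached image.sig image.tar.gz || exit 1`, and treat any non-zero value as a failed verification.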