summaryrefslogtreecommitdiff
path: root/eclass
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2020-10-31 23:17:21 +0100
committerMichał Górny <mgorny@gentoo.org>2020-10-31 23:18:50 +0100
commita50597d0202a4968147c1b5d96ebeeb1872b0ffe (patch)
treeead6ebb15030d88008864a5621aa296ab2125fdb /eclass
parentdev-python/awscli: 1.18.142 amd64 stable. (diff)
downloadgentoo-a50597d0202a4968147c1b5d96ebeeb1872b0ffe.tar.gz
gentoo-a50597d0202a4968147c1b5d96ebeeb1872b0ffe.tar.bz2
gentoo-a50597d0202a4968147c1b5d96ebeeb1872b0ffe.zip
verify-sig.eclass: Predict attempted writes to /run/user
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'eclass')
-rw-r--r--eclass/verify-sig.eclass5
1 files changed, 5 insertions, 0 deletions
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index 5448bf2155d..83929098e6d 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -98,6 +98,11 @@ verify-sig_verify_detached() {
--keyserver "${VERIFY_SIG_OPENPGP_KEYSERVER}"
)
+ # GPG upstream knows better than to follow the spec, so we can't
+ # override this directory. However, there is a clean fallback
+ # to GNUPGHOME.
+ addpredict /run/user
+
einfo "Verifying ${file##*/} ..."
gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \
gpg --verify "${sig}" "${file}" ||