[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Popcon-developers] Encrypted popcon submissions

Am Donnerstag, den 11.07.2013, 15:33 +0200 schrieb Bill Allombert:

[use gpg but don't write to root/.gnupg]
> Below is the code in /etc/cron.daily/popularity-contest
> GPG=/usr/bin/gpg
> if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
>   rm -f "$POPCONGPG"
>   $GPG --no-default-keyring --keyring "$KEYRING" --trust-model=always \
>        --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON"
> fi

I suggest you add trustdb.gpg and secring.gpg
to /usr/share/popularity-contest/ or (maybe even
better) /etc/popularity-contest/. apt(-secure) does similar in /etc/apt.

The command would then look like this:

gpg --no-options --no-default-keyring --keyring [..] \
    --secret-keyring /etc/popularity-contest/secring.gpg \
    --trustdb-name /etc/popularity-contest/trustdb.gpg

JFTR: The file secring.gpg can be avoided using
--secret-keyring=/dev/null but I don't know how to suppress the creation
of trustdb.gpg.

Regards, Daniel

Reply to: