gpg_sign: depress the owership warnings on homedir

A gpg command, e.g, called by get_gpg_version(), may trigger such a warning: gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg' This sort of warning is harmless so it can be depressed through specifying --no-permission-warning. (From OE-Core rev: 0a740aa6f02deada56e0b7deb2bc1f7401e58726) Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2017-08-24 11:24:28 +08:00
parent 754ebff252
commit c0e0887001
1 changed files with 6 additions and 6 deletions
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -15,7 +15,7 @@ class LocalSigner(object):

    def export_pubkey(self, output_file, keyid, armor=True):
        """Export GPG public key to a file"""
-        cmd = '%s --batch --yes --export -o %s ' % \
+        cmd = '%s --no-permission-warning --batch --yes --export -o %s ' % \
                (self.gpg_bin, output_file)
        if self.gpg_path:
            cmd += "--homedir %s " % self.gpg_path
@@ -31,7 +31,7 @@ class LocalSigner(object):
        """Sign RPM files"""

        cmd = self.rpm_bin + " --addsign --define '_gpg_name %s'  " % keyid
-        gpg_args = '--batch --passphrase=%s' % passphrase
+        gpg_args = '--no-permission-warning --batch --passphrase=%s' % passphrase
        if self.gpg_version > (2,1,):
            gpg_args += ' --pinentry-mode=loopback'
        cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args
@@ -58,8 +58,8 @@ class LocalSigner(object):
        if passphrase_file and passphrase:
            raise Exception("You should use either passphrase_file of passphrase, not both")

-        cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes',
-               '--passphrase-fd', '0', '-u', keyid]
+        cmd = [self.gpg_bin, '--detach-sign', '--no-permission-warning', '--batch',
+               '--no-tty', '--yes', '--passphrase-fd', '0', '-u', keyid]

        if self.gpg_path:
            cmd += ['--homedir', self.gpg_path]
@@ -98,7 +98,7 @@ class LocalSigner(object):
        """Return the gpg version as a tuple of ints"""
        import subprocess
        try:
-            ver_str = subprocess.check_output((self.gpg_bin, "--version")).split()[2].decode("utf-8")
+            ver_str = subprocess.check_output((self.gpg_bin, "--version", "--no-permission-warning")).split()[2].decode("utf-8")
            return tuple([int(i) for i in ver_str.split('.')])
        except subprocess.CalledProcessError as e:
            raise bb.build.FuncFailed("Could not get gpg version: %s" % e)
@@ -106,7 +106,7 @@ class LocalSigner(object):

    def verify(self, sig_file):
        """Verify signature"""
-        cmd = self.gpg_bin + " --verify "
+        cmd = self.gpg_bin + " --verify --no-permission-warning "
        if self.gpg_path:
            cmd += "--homedir %s " % self.gpg_path
        cmd += sig_file