From 6d541dc780afd13bb2084f96faf10647064cbf09 Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Mon, 5 Feb 2018 14:55:01 +0000
Subject: [PATCH] Fix some gpg permissions which otherwise prevent searching for keys
---
 src/freedombone-adduser | 6 ++++++
 src/freedombone-base-email | 12 ++++++++++++
 src/freedombone-utils-gpg | 8 ++++++++
 src/freedombone-utils-keys | 4 ++++
 4 files changed, 30 insertions(+)
diff --git a/src/freedombone-adduser b/src/freedombone-adduser
index 4701f38f..9284420c 100755
--- a/src/freedombone-adduser
+++ b/src/freedombone-adduser
@@ -239,6 +239,12 @@ if ! grep -q 'controluser' /home/$ADD_USERNAME/.bashrc; then
 echo 'controluser' >> /home/$ADD_USERNAME/.bashrc
 fi
+# fix some gpg strangeness when searching for keys
+printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$ADD_USERNAME/.gnupg/S.dirmngr
+if [ -d /home/$ADD_USERNAME/.gnupg/crls.d ]; then
+ chmod +x /home/$ADD_USERNAME/.gnupg/crls.d
+fi
+
 ${PROJECT_NAME}-pass -u $ADD_USERNAME -a login -p "$NEW_USER_PASSWORD"
 clear
 echo $"New user $ADD_USERNAME was created"
diff --git a/src/freedombone-base-email b/src/freedombone-base-email
index 7a4e1b75..acc5c6da 100755
--- a/src/freedombone-base-email
+++ b/src/freedombone-base-email
@@ -1391,6 +1391,10 @@ function configure_gpg {
 chown -R $MY_USERNAME:$MY_USERNAME $gpg_dir
 chmod 700 $gpg_dir
 chmod 600 $gpg_dir/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$MY_USERNAME/.gnupg/S.dirmngr
+ if [ -d /home/$MY_USERNAME/.gnupg/crls.d ]; then
+ chmod +x /home/$MY_USERNAME/.gnupg/crls.d
+ fi
 mark_completed $FUNCNAME
 return
 fi
@@ -1419,6 +1423,10 @@ function configure_gpg {
 chown -R $MY_USERNAME:$MY_USERNAME $gpg_dir
 chmod 700 $gpg_dir
 chmod 600 $gpg_dir/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$MY_USERNAME/.gnupg/S.dirmngr
+ if [ -d /home/$MY_USERNAME/.gnupg/crls.d ]; then
+ chmod +x /home/$MY_USERNAME/.gnupg/crls.d
+ fi
 if [[ $MY_GPG_PUBLIC_KEY && $MY_GPG_PRIVATE_KEY ]]; then
 echo $'Importing GPG keys from file'
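Review bot: The redirect written by the added `printf` points this account's dirmngr socket at the fixed path `/dev/shm/S.dirmngr`, and the same literal path is written for every other user and for root in the base-email, utils-gpg and utils-keys hunks. `/dev/shm` is normally world-writable, so all accounts contend for one socket name there and a user's key searches go to whichever local process holds that name rather than to a dirmngr the user owns. A per-user directory that only its owner can write is the safer target, e.g. `printf '%%Assuan%%\nsocket=%s/S.dirmngr\n' "$user_socket_dir"`, where `user_socket_dir` is a placeholder name for a 0700 directory owned by `$ADD_USERNAME`. No `chown` follows the write inside this hunk, so if the script runs as root the new file is probably left root-owned in the user's `.gnupg`; the rest of the script is outside the hunk, so that needs confirming.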
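Review bot: The added `printf` runs after `chown -R $MY_USERNAME:$MY_USERNAME $gpg_dir` and `chmod 600 $gpg_dir/*`, so `S.dirmngr` is created with whatever owner and mode the running process gives it instead of the ones just applied to the rest of the directory; the second configure_gpg hunk (new line 1423) has the same ordering. Moving the four added lines above the `chown -R` fixes the owner, and a following `chmod 600 /home/$MY_USERNAME/.gnupg/S.dirmngr` fixes the mode. The context lines use `$gpg_dir` while the new ones spell out `/home/$MY_USERNAME/.gnupg`; if those name the same directory, a quoted `"$gpg_dir"` keeps the two in step. configure_gpg starts and ends outside the hunk.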
@@ -1467,6 +1475,10 @@ function configure_gpg {
 cp -r /home/$MY_USERNAME/.gnupg /root/
 chmod 700 /root/.gnupg
 chmod 600 /root/.gnupg/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$MY_USERNAME/.gnupg/S.dirmngr
+ if [ -d /home/$MY_USERNAME/.gnupg/crls.d ]; then
+ chmod +x /home/$MY_USERNAME/.gnupg/crls.d
+ fi
 fi
 mark_completed $FUNCNAME
diff --git a/src/freedombone-utils-gpg b/src/freedombone-utils-gpg
index 57765697..4d413f26 100755
--- a/src/freedombone-utils-gpg
+++ b/src/freedombone-utils-gpg
@@ -144,10 +144,18 @@ function gpg_set_permissions {
 if [[ "$key_username" != 'root' ]]; then
 chmod 700 /home/$key_username/.gnupg
 chmod -R 600 /home/$key_username/.gnupg/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$key_username/.gnupg/S.dirmngr
+ if [ -d /home/$key_username/.gnupg/crls.d ]; then
+ chmod +x /home/$key_username/.gnupg/crls.d
+ fi
 chown -R $key_username:$key_username /home/$key_username/.gnupg
 else
 chmod 700 /root/.gnupg
 chmod -R 600 /root/.gnupg/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /root/.gnupg/S.dirmngr
+ if [ -d /root/.gnupg/crls.d ]; then
+ chmod +x /root/.gnupg/crls.d
+ fi
 chown -R $key_username:$key_username /root/.gnupg
 fi
 }
diff --git a/src/freedombone-utils-keys b/src/freedombone-utils-keys
index 70f81c95..086a1162 100755
--- a/src/freedombone-utils-keys
+++ b/src/freedombone-utils-keys
@@ -264,6 +264,10 @@ function interactive_key_recovery {
 cp -rf /home/$MY_USERNAME/.gnupg /root
 chmod 700 /root/.gnupg
 chmod 600 /root/.gnupg/*
+ printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /root/.gnupg/S.dirmngr
+ if [ -d /root/.gnupg/crls.d ]; then
+ chmod +x /root/.gnupg/crls.d
+ fi
 fi
 }
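Review bot: The added lines act on `/home/$MY_USERNAME/.gnupg`, but the context just above has copied that directory to `/root/` and run `chmod 600 /root/.gnupg/*`, which clears the search bit on `/root/.gnupg/crls.d` and leaves it cleared. The equivalent block in the utils-keys hunk of this patch targets `/root/.gnupg` after the same copy, so this one looks like a copy-paste slip. The intended lines are presumably `printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /root/.gnupg/S.dirmngr` and, under `[ -d /root/.gnupg/crls.d ]`, `chmod +x /root/.gnupg/crls.d`. The enclosing `if` opens outside the hunk.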
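Review bot: Both branches of gpg_set_permissions now carry the same four added lines, differing only in the directory, and the block is repeated in every other hunk of this patch (seven copies in all), so the target-path mix-up in the third configure_gpg hunk is easy to make and hard to spot. A small helper in this file that takes the `.gnupg` directory as its argument would give one place to quote the path and to tighten the mode. `chmod +x` with no class letter also grants execute to group and others as far as the umask allows, whereas `u+x` is all the owner needs on `crls.d`. The helper name below is only a suggestion, and gpg_set_permissions begins above the hunk.

```shell
# Write the dirmngr socket redirect and restore the owner's search bit
# on crls.d, which the preceding chmod 600 strips.
function gpg_fix_dirmngr_access {
    local gnupg_dir="$1"

    printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > "$gnupg_dir/S.dirmngr"
    if [ -d "$gnupg_dir/crls.d" ]; then
        chmod u+x "$gnupg_dir/crls.d"
    fi
}

function gpg_set_permissions {
    # … unchanged: lines above the hunk …
    if [[ "$key_username" != 'root' ]]; then
        # … unchanged: chmod 700 / chmod -R 600 on the user's .gnupg …
        gpg_fix_dirmngr_access "/home/$key_username/.gnupg"
        # … unchanged: chown -R …
    else
        # … unchanged: chmod 700 / chmod -R 600 on /root/.gnupg …
        gpg_fix_dirmngr_access /root/.gnupg
        # … unchanged: chown -R …
```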