On Sun, Mar 27, 2011 at 11:14 AM, Ray Kohler <ataraxia...@gmail.com> wrote:
> Use mode 755, so non-root users can see inside.
> Add "--no-permission-warning" to GPG_PACMAN to suppress the noise that
> otherwise comes of not using mode 700 - this is not private data.
>
> GPGme turns out not to issue this warning itself, so no problem there.
>
> TODO: should non-root users be allowed to use the read-only operations
> (--list, --export, --finger)?
I would say yes- is there any reason not to allow them to?
> Signed-off-by: Ray Kohler <ataraxia...@gmail.com>
> ---
> scripts/pacman-key.sh.in | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
> index 5746e64..89e52fc 100644
> --- a/scripts/pacman-key.sh.in
> +++ b/scripts/pacman-key.sh.in
> @@ -244,7 +244,12 @@ fi
> if [[ GPGDIR=$(find_config "GPGDir") == 0 ]]; then
> PACMAN_KEYRING_DIR="${GPGDIR}"
> fi
> -GPG_PACMAN="gpg --homedir ${PACMAN_KEYRING_DIR}"
> +GPG_PACMAN="gpg --homedir ${PACMAN_KEYRING_DIR} --no-permission-warning"
> +
> +# Try to create $PACMAN_KEYRING_DIR if non-existent
> +# Check for simple existence rather than for a directory as someone may want
> +# to use a symlink here
> +[[ -e ${PACMAN_KEYRING_DIR} ]] || mkdir -p -m 755 "${PACMAN_KEYRING_DIR}"
>
> # Parse and execute command
> command="$1"
> --
> 1.7.4.1
>
>
>
