Martchus
/
devtools
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

arch-nspawn: unshare the gpg namespace to prevent zombie processes 

gpg-agent is really annoying and leaves useless copies of itself around.
Using unshare ensures that all such processes are killed as soon as the
main gpg process dies.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
This commit is contained in:
Eli Schwartz 2019-05-06 14:51:28 -04:00 committed by Levente Polyak
parent 70f3b8ddb8
commit bec29e632b
No known key found for this signature in database
GPG Key ID: FC1B547C8D8172C8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
arch-nspawn.in
View File

@ -97,7 +97,7 @@ build_mount_args() {
}
copy_hostconf () {
gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
unshare --fork --pid gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
pacman-key --gpgdir "$working_dir"/etc/pacman.d/gnupg/ --import-trustdb "$(pacman-conf GpgDir)" >/dev/null 2>&1
printf 'Server = %s\n' "${host_mirrors[@]}" >"$working_dir/etc/pacman.d/mirrorlist"