From 649653eb1c4c97c348d0de0f9f934ad3f4318331 Mon Sep 17 00:00:00 2001 From: Ivan Loskutov Date: Thu, 23 May 2024 06:24:13 +0200 Subject: [PATCH] Fix getting pubkey_id from depot user pubkey On systems with the option `use-keyboxd` enabled in config, option `--no-keyring` in gpg command line doesn't work. The result of the pubkey_id function will be the first key in the keybox keyring instead of the id of pubkey from the depot user. Fixes genodelabs/genode#5235 genodelabs/goa#92 --- tool/depot/mk/gpg.inc | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tool/depot/mk/gpg.inc b/tool/depot/mk/gpg.inc index bcd938c4ff..8ee762633e 100644 --- a/tool/depot/mk/gpg.inc +++ b/tool/depot/mk/gpg.inc @@ -15,10 +15,9 @@ pubkey_path = $(firstword \ # obtain key ID of 'depot//pubkey' to be used to select signing key pubkey_id = $(shell pubkey_file=$(call pubkey_path,$1); \ - $(GPG) --yes -o $$pubkey_file.dearmored --dearmor $$pubkey_file; \ - $(GPG) --with-colon --no-default-keyring --list-public-keys \ - --keyring $$pubkey_file.dearmored |\ - head -n 2 | tail -n 1 | cut -d: -f5; rm -f $$pubkey_file.dearmored) + $(GPG) --dry-run --with-colon --import \ + --import-options import-show $$pubkey_file 2> /dev/null |\ + head -n 1 | cut -d: -f5) MISSING_PUBKEY_FILES := $(sort \ $(foreach A,$(ARCHIVES),\