commit: a50597d0202a4968147c1b5d96ebeeb1872b0ffe
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 31 22:17:21 2020 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Oct 31 22:18:50 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a50597d0
verify-sig.eclass: Predict attempted writes to /run/user
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
eclass/verify-sig.eclass | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index 5448bf2155d..83929098e6d 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -98,6 +98,11 @@ verify-sig_verify_detached() {
--keyserver "${VERIFY_SIG_OPENPGP_KEYSERVER}"
)
+ # GPG upstream knows better than to follow the spec, so we can't
+ # override this directory. However, there is a clean fallback
+ # to GNUPGHOME.
+ addpredict /run/user
+
einfo "Verifying ${file##*/} ..."
gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \
gpg --verify "${sig}" "${file}" ||
