瀏覽代碼

Fixing gpg key creation

Bob Mottram 10 年之前
父節點
當前提交
7b76b98e6e
共有 1 個文件被更改,包括 12 次插入18 次删除
  1. 12
    18
      install-freedombone.sh

+ 12
- 18
install-freedombone.sh 查看文件

@@ -860,28 +860,22 @@ function configure_gpg {
860 860
           echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
861 861
           exit 6
862 862
       fi
863
-      su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY
864
-      su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY
863
+      su -c "gpg --import $MY_GPG_PUBLIC_KEY" - $MY_USERNAME
864
+      su -c "gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY" - $MY_USERNAME
865 865
       # for security ensure that the private key file doesn't linger around
866 866
       shred -zu $MY_GPG_PRIVATE_KEY
867 867
   else
868 868
       # Generate a GPG key
869
-      umask 0277
870
-      cat << EOF > /tmp/$MY_USERNAME-gpg-genkey.conf
871
-      %echo Generating a GPG key
872
-      Key-Type: RSA
873
-      Key-Length: 4096
874
-      Subkey-Type: ELG-E
875
-      Subkey-Length: 4096
876
-      Name-Real:  `hostname --fqdn`
877
-      Name-Email: $MY_USERNAME@`hostname --fqdn`
878
-      Expire-Date: 0
879
-      %commit
880
-      %echo Done
881
-      EOF
882
-      umask 0002
883
-	  su $MY_USERNAME gpg --batch --gen-key /tmp/$MY_USERNAME-gpg-genkey.conf > gpg-keygen.log 2> gpg-keygen_error.log
884
-      shred -zu /tmp/$MY_USERNAME-gpg-genkey.conf
869
+      echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
870
+      echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
871
+      echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
872
+      echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
873
+      echo "Name-Real:  `hostname --fqdn`" >> /home/$MY_USERNAME/gpg-genkey.conf
874
+      echo "Name-Email: $MY_USERNAME@`hostname --fqdn`" >> /home/$MY_USERNAME/gpg-genkey.conf
875
+      echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
876
+      chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
877
+      su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
878
+      shred -zu /home/$MY_USERNAME/gpg-genkey.conf
885 879
   fi
886 880
 
887 881
   echo 'configure_gpg' >> $COMPLETION_FILE