Richard W.M. Jones
2017-Apr-04 21:13 UTC
[Libguestfs] [PATCH] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
All of the GPG commands we run are compatible with either v1 or v2, so this simply involves changing the configure script to find either binary. --- builder/cmdline.ml | 2 +- docs/guestfs-building.pod | 17 ++++++++++++++++- m4/guestfs_progs.m4 | 19 +++++++++++++++++++ mllib/guestfs_config.ml.in | 1 + 4 files changed, 37 insertions(+), 2 deletions(-) diff --git a/builder/cmdline.ml b/builder/cmdline.ml index aa852e8f5..5424e885a 100644 --- a/builder/cmdline.ml +++ b/builder/cmdline.ml @@ -87,7 +87,7 @@ let parse_cmdline () let add_fingerprint arg = push_front arg fingerprints in let format = ref "" in - let gpg = ref "gpg" in + let gpg = ref Guestfs_config.gnupg in let list_format = ref List_entries.Short in let list_set_long () = list_format := List_entries.Long in diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod index 5e314b34d..b29fcc4ab 100644 --- a/docs/guestfs-building.pod +++ b/docs/guestfs-building.pod @@ -280,10 +280,25 @@ Optional. For the L<UML backend|guestfs(3)/BACKEND>. Optional. Used by virt-builder for downloads. -=item gpg +=item GNU Privacy Guard (GnuPG, gpg) v1 or v2 Optional. Used by virt-builder for checking digital signatures. +Either version 1 or version 2 or fallback from v2 to v1 may be used by +specifying: + + ./configure --with-gnupg="gpg" + + ./configure --with-gnupg="gpg2" + + ./configure --with-gnupg="gpg2 gpg" + +Additionally the end user can override the choice using the +virt-builder I<--gpg> option. + +B<NB:> Do not confuse C<gpg2> with C<gpgv2>. The latter is for +B<v>erifying signatures only, and will not work as the gnupg binary. + =item liblzma Optional. If available, virt-builder will use this library diff --git a/m4/guestfs_progs.m4 b/m4/guestfs_progs.m4 index 1f0a4c1f6..ec1f400e9 100644 --- a/m4/guestfs_progs.m4 +++ b/m4/guestfs_progs.m4 @@ -114,6 +114,25 @@ if test "x$YACC" = "xyacc"; then AC_MSG_FAILURE([GNU 'bison' is required (yacc won't work).]) fi +dnl Check for GnuPG, used by virt-builder. This is just the +dnl default binary, and it can be overridden on the command line. +AC_ARG_WITH([gnupg], + [AS_HELP_STRING([--with-gnupg="gpg2"], + [set default GNU Privacy Guard binary v1 or v2 @<:@default="gpg2 gpg"@:>@])], + [], + [with_gnupg="gpg2 gpg"] +) + +AS_IF([test "x$with_gnupg" = "xno"],[ + AC_MSG_WARN([GnuPG was disabled, you must use virt-builder --gpg option to check signatures]) + GNUPG=no +],[ + AC_PATH_PROGS([GNUPG],[$with_gnupg],[no]) + AS_IF([test "x$GNUPG" = "xno"],[ + AC_MSG_WARN([GnuPG was not found]) + ]) +]) + dnl zip/unzip, used by virt-v2v AC_PATH_PROGS([ZIP],[zip],[no]) AC_DEFINE_UNQUOTED([ZIP],["$ZIP"],[Name of zip program.]) diff --git a/mllib/guestfs_config.ml.in b/mllib/guestfs_config.ml.in index 4d1a5c5d0..68dbcbc20 100644 --- a/mllib/guestfs_config.ml.in +++ b/mllib/guestfs_config.ml.in @@ -23,3 +23,4 @@ let package_version_full = "@PACKAGE_VERSION_FULL@" let prefix = "@prefix@" let datadir = prefix ^ "/share" let host_cpu = "@host_cpu@" +let gnupg = "@GNUPG@" -- 2.12.0
Pino Toscano
2017-Apr-06 09:05 UTC
Re: [Libguestfs] [PATCH] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
On Tuesday, 4 April 2017 23:13:58 CEST Richard W.M. Jones wrote:> All of the GPG commands we run are compatible with either v1 or v2, so > this simply involves changing the configure script to find either > binary. > ---Why not simply check it at runtime? We have Common_utils.which already. -- Pino Toscano
Richard W.M. Jones
2017-Apr-06 10:24 UTC
Re: [Libguestfs] [PATCH] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
On Thu, Apr 06, 2017 at 11:05:04AM +0200, Pino Toscano wrote:> On Tuesday, 4 April 2017 23:13:58 CEST Richard W.M. Jones wrote: > > All of the GPG commands we run are compatible with either v1 or v2, so > > this simply involves changing the configure script to find either > > binary. > > --- > > Why not simply check it at runtime? We have Common_utils.which already.I have posted a v2 which does this. Thanks, Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v
Possibly Parallel Threads
- [PATCH v2] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
- gpg2 (GnuPG) Security Update for CentOS 6.10
- [PATCH 1/2] configure: visually split the blocks of checks
- [PATCH 1/2] valgrind: Use --trace-children=no --child-silent-after-fork=yes
- Re: [PATCH] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).