Re: [PATCHv2] push: heed user.signingkey for signed pushes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Junio C Hamano schrieb am 23.10.2014 um 01:47:
> Junio C Hamano <gitster@xxxxxxxxx> writes:
> 
>> Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> writes:
>>
>>> push --signed promises to take user.signingkey as the signing key but
>>> fails to read the config.
>>>
>>> Make it do so.
>>>
>>> Signed-off-by: Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx>
>>> ---
>>> Okay, I guess this is nicer. We do have the committer info in the env. Sorry.
>>>
>>>  builtin/push.c         |  13 ++++++++++++-
>>>  t/lib-gpg/trustdb.gpg  | Bin 1360 -> 1360 bytes
>>>  t/t5534-push-signed.sh |  44 ++++++++++++++++++++++++++++++++++++++++++++
>>>  3 files changed, 56 insertions(+), 1 deletion(-)
>>
>> Hmph, I simply forgot about that configuration, I guess.
>>
>> What is this change to trustdb about, though?  The log message does
>> not say anything about it.
> 
> This is a related tangent, but I just tried this:
> 
>     $ git clone ... git.git
>     $ cd git.git
>     $ chmod a-w t/lib-gpg/* t/lib-gpg
>     $ make test
> 
> which makes GPG related tests to fail, as running GPG with the GNUPGHOME
> set there involves writing into the files in the directory (or
> removing and recreating).
> 
> Perhaps GPG tests should create their own copy in the playpen (aka
> "trash directory") and use that as GNUPGHOME so that we do not have
> to write into the single shared directory?  I wonder if automated
> parallel tests can intermittently fail because of this...

If I do that, I get:

gpg: can't create `/home/mjg/src/git/t/trash
directory.t5534-push-signed/gpghome/random_seed': Permission denied

So I we do copy the env around. Problems arise only when the original
copy ends up ro. We can guard against that by doing:

diff --git i/t/lib-gpg.sh w/t/lib-gpg.sh
index fd499e7..972f10e 100755
--- i/t/lib-gpg.sh
+++ w/t/lib-gpg.sh
@@ -17,7 +17,7 @@ else
                # Name and email: C O Mitter <committer@xxxxxxxxxxx>
                # No password given, to enable non-interactive operation.
                cp -R "$TEST_DIRECTORY"/lib-gpg ./gpghome
-               chmod 0700 gpghome
+               chmod 0700 gpghome gpghome/*
                GNUPGHOME="$(pwd)/gpghome"
                export GNUPGHOME
                test_set_prereq GPG

That is we have partial guard in place already.

I'll resend in proper format.

Michael
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]