From 77a45bebc9168b396334630ef109c1d48ddaf930 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Thu, 16 Jan 2014 23:51:05 +0100
Subject: use our own homedir for gpg in testcases

Git-Dch: Ignore
---
 test/integration/framework | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'test')

diff --git a/test/integration/framework b/test/integration/framework
index c4953812b..1db1946db 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -124,6 +124,13 @@ gdb() {
 http() {
 	LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/methods/http
 }
+gpg() {
+	# see apt-key for the whole trickery. Setup is done in setupenvironment
+	command gpg --ignore-time-conflict --no-options --no-default-keyring \
+		--homedir "${TMPWORKINGDIRECTORY}/gnupghome" \
+		--no-auto-check-trustdb --trust-model always \
+		"$@"
+}
 
 exitwithstatus() {
         # error if we about to overflow, but ...
@@ -205,6 +212,20 @@ setupenvironment() {
 	export LC_ALL=C.UTF-8
 	export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
 	configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
+
+	# gpg needs a trustdb to function, but it can't be invalid (not even empty)
+	# see also apt-key where this trickery comes from:
+	local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome"
+	mkdir "$TRUSTDBDIR"
+	chmod 700 "$TRUSTDBDIR"
+	# We also don't use a secret keyring, of course, but gpg panics and
+	# implodes if there isn't one available - and writeable for imports
+	local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg"
+	touch $SECRETKEYRING
+	# now create the trustdb with an (empty) dummy keyring
+	# newer gpg versions are fine without it, but play it safe for now
+	gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1
+
 	msgdone "info"
 }
 
@@ -390,7 +411,7 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
 		| while read SRC; do
 		echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
 #		if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-#			gpg --yes --no-default-keyring --secret-keyring ./keys/joesixpack.sec \
+#			gpg --yes --secret-keyring ./keys/joesixpack.sec \
 #				--keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
 #				--clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #			mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
@@ -764,7 +785,7 @@ setupaptarchive() {
 
 signreleasefiles() {
 	local SIGNER="${1:-Joe Sixpack}"
-	local GPG="gpg --batch --yes --no-default-keyring --trustdb-name rootdir/etc/apt/trustdb.gpg"
+	local GPG="gpg --batch --yes"
 	msgninfo "\tSign archive with $SIGNER key… "
 	local REXKEY='keys/rexexpired'
 	local SECEXPIREBAK="${REXKEY}.sec.bak"
-- 
cgit v1.2.3