summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-includes/lib
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2018-02-18 07:11:43 +0000
committerintrigeri <intrigeri@boum.org>2018-02-18 07:11:43 +0000
commitc4af7868d09fa5a6515e2269903623588ba9fd2a (patch)
treec94fd538131a193ef8b789d1c3ffe48fde1387d4 /config/chroot_local-includes/lib
parent5f5e3dc57ecddeaee1dd924fb3f2ee62eca63e87 (diff)
Have systemd-tmpfiles create /usr/share/tails-iuk/trusted_gnupg_homedir with strict permissions and make them laxer only after having imported the public key in there (refs: #7037)
`mkdir -p --mode=0700' did not do anything because when it runs, systemd-tmpfiles has already created the directory with 755 permissions.
Diffstat (limited to 'config/chroot_local-includes/lib')
-rwxr-xr-xconfig/chroot_local-includes/lib/live/config/2000-import-gnupg-key3
1 files changed, 1 insertions, 2 deletions
diff --git a/config/chroot_local-includes/lib/live/config/2000-import-gnupg-key b/config/chroot_local-includes/lib/live/config/2000-import-gnupg-key
index a0d87aa..b409e90 100755
--- a/config/chroot_local-includes/lib/live/config/2000-import-gnupg-key
+++ b/config/chroot_local-includes/lib/live/config/2000-import-gnupg-key
@@ -6,10 +6,9 @@ Import_GnuPG_key ()
sudo -H -u "${LIVE_USERNAME}" gpg --batch --import /usr/share/doc/tails/website/*.key
echo "- importing Tails' GnuPG signing key into tails-iuk's trusted keyring"
- mkdir -p --mode=0700 /usr/share/tails-iuk/trusted_gnupg_homedir
gpg --batch --homedir /usr/share/tails-iuk/trusted_gnupg_homedir \
--import /usr/share/doc/tails/website/tails-signing.key
- chmod -R go+rX /usr/share/tails-iuk/trusted_gnupg_homedir
+ chmod -R go+rX /usr/share/tails-iuk
echo "- importing Tails help desk's GnuPG key into WhisperBack's keyring"
gpg --batch --no-default-keyring \