safer method to sign packages

git-svn-id: svn+slack://slack.fluxo.info/var/svn/simplepkg@688 04377dda-e619-0410-9926-eae83683ac58
author: rhatto <rhatto@04377dda-e619-0410-9926-eae83683ac58> 2008-12-18 18:29:23 +0000
committer: rhatto <rhatto@04377dda-e619-0410-9926-eae83683ac58> 2008-12-18 18:29:23 +0000
commit: 7e1b02c18e197ef37b09c15631fba20bd13b6a54 (patch)
tree: 6ef3fb30136bf7652dcc5db416cb2cb6665b80c4 /trunk/src
parent: a205adba9cf8abdc8854144bb9ed6e05f44e1f42 (diff)
download: simplepkg-7e1b02c18e197ef37b09c15631fba20bd13b6a54.tar.gz
simplepkg-7e1b02c18e197ef37b09c15631fba20bd13b6a54.tar.bz2
1 files changed, 5 insertions, 4 deletions
diff --git a/trunk/src/createpkg b/trunk/src/createpkg
index a46b911..6c0a4df 100644
--- a/trunk/src/createpkg
+++ b/trunk/src/createpkg
@@ -716,10 +716,11 @@ if [ $SIGN_PACKAGES -eq $on ]; then
   fi
 
   if [ ! -z "$SIGN_PACKAGES_USER" ]; then
-    rm -f $TMP/$PKG_NAME.asc
-    su $SIGN_PACKAGES_USER -c "gpg --use-agent --armor -sb -u $SIGN_KEYID -o $TMP/$PKG_NAME.asc $PACKAGES_DIR/$PKG_NAME"
-    cp $TMP/$PKG_NAME.asc $PACKAGES_DIR/$PKG_NAME.asc
-    rm -f $TMP/$PKG_NAME.asc
+    tmp_sign_folder="`mktemp -d $TMP/createpkg_sign.XXXXXX`"
+    chown $SIGN_PACKAGES_USER $tmp_sign_folder
+    su $SIGN_PACKAGES_USER -c "gpg --use-agent --armor -sb -u $SIGN_KEYID -o $tmp_sign_folder/$PKG_NAME.asc $PACKAGES_DIR/$PKG_NAME"
+    cp $tmp_sign_folder/$PKG_NAME.asc $PACKAGES_DIR/$PKG_NAME.asc
+    rm -rf $tmp_sign_folder
   else
     gpg --use-agent --armor -sb -u $SIGN_KEYID $PACKAGES_DIR/$PKG_NAME
   fi
author	rhatto <rhatto@04377dda-e619-0410-9926-eae83683ac58>	2008-12-18 18:29:23 +0000
committer	rhatto <rhatto@04377dda-e619-0410-9926-eae83683ac58>	2008-12-18 18:29:23 +0000
commit	7e1b02c18e197ef37b09c15631fba20bd13b6a54 (patch)
tree	6ef3fb30136bf7652dcc5db416cb2cb6665b80c4 /trunk/src
parent	a205adba9cf8abdc8854144bb9ed6e05f44e1f42 (diff)
download	simplepkg-7e1b02c18e197ef37b09c15631fba20bd13b6a54.tar.gz simplepkg-7e1b02c18e197ef37b09c15631fba20bd13b6a54.tar.bz2