gpg import with --no-tty

With recent GPG versions, a TTY seems to be required to import keys.

Since importing of keys need to work when running from cron, we
pass --no-tty to those commands. This should mean that -t doesn't
have to be passed to SSH on bootstrapping for new Debian hosts
(tested on Raspbian).
This commit is contained in:
Fredrik Thulin 2019-03-17 13:26:44 +01:00
parent de49b194d0
commit 7c5a063045
No known key found for this signature in database
GPG key ID: 2707330D4030CCAD
2 changed files with 5 additions and 5 deletions

View file

@ -51,7 +51,7 @@ fi
if [ "$cmd_do_bootstrap" = "yes" ]; then if [ "$cmd_do_bootstrap" = "yes" ]; then
scp apt/cosmos_1.5-1_all.deb apt/bootstrap-cosmos.sh root@$cmd_hostname: scp apt/cosmos_1.5-1_all.deb apt/bootstrap-cosmos.sh root@$cmd_hostname:
ssh -t root@$cmd_hostname ./bootstrap-cosmos.sh $cmd_fqdn $rrepo $rtag ssh root@$cmd_hostname ./bootstrap-cosmos.sh $cmd_fqdn $rrepo $rtag
ssh -t root@$cmd_hostname cosmos update ssh root@$cmd_hostname cosmos update
ssh -t root@$cmd_hostname cosmos apply ssh root@$cmd_hostname cosmos apply
fi fi

View file

@ -55,10 +55,10 @@ for k in $COSMOS_KEYS/*.pub; do
if [[ ! ${KEYRING[$fp]} ]]; then if [[ ! ${KEYRING[$fp]} ]]; then
echo -e "$0: ${bold}Importing new key ${fp}${reset} from ${k}" echo -e "$0: ${bold}Importing new key ${fp}${reset} from ${k}"
cosmos gpg --import < $k cosmos gpg --no-tty --import < $k
elif [[ ${EXPIRED[$fp]} ]]; then elif [[ ${EXPIRED[$fp]} ]]; then
echo -e "$0: ${bold}Re-importing expired key ${fp}${reset} from ${k}" echo -e "$0: ${bold}Re-importing expired key ${fp}${reset} from ${k}"
cosmos gpg --import < $k cosmos gpg --no-tty --import < $k
fi fi
done done