authorEli Schwartz <eschwartz@archlinux.org>2019-05-06 14:51:28 -0400
committerLevente Polyak <anthraxx@archlinux.org>2019-08-09 19:41:53 +0200
commitbec29e632b8c33d35a7629ac2127c4a9c1465377 (patch)
treebbde6f89de616869d249b3666c6f32e442001c97
parent70f3b8ddb84d8bbfb44d250188667bb7ba0b1db3 (diff)
downloaddevtools-bec29e632b8c33d35a7629ac2127c4a9c1465377.tar.xz
arch-nspawn: unshare the gpg namespace to prevent zombie processes
gpg-agent is really annoying and leaves useless copies of itself around. Using unshare ensures that all such processes are killed as soon as the main gpg process dies. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r--arch-nspawn.in2
1 files changed, 1 insertions, 1 deletions
diff --git a/arch-nspawn.in b/arch-nspawn.in
index 8a87b96..5817143 100644
--- a/arch-nspawn.in
+++ b/arch-nspawn.in
@@ -97,7 +97,7 @@ build_mount_args() {
}
copy_hostconf () {
- gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
+ unshare --fork --pid gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
pacman-key --gpgdir "$working_dir"/etc/pacman.d/gnupg/ --import-trustdb "$(pacman-conf GpgDir)" >/dev/null 2>&1
printf 'Server = %s\n' "${host_mirrors[@]}" >"$working_dir/etc/pacman.d/mirrorlist"
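Review bot: With `unshare --fork --pid` now in front of gpg in copy_hostconf, a failure to create the PID namespace (missing privilege, or a surrounding container policy that blocks it) means gpg never runs, and `>/dev/null 2>&1` with no status check hides that completely. The chroot keyring would then presumably lack the host's imported keys, and the cause would only surface later as package signature errors. Consider testing the status, e.g. ending the line with `>/dev/null 2>&1 || printf 'warning: importing host keyring into %s failed\n' "$working_dir" >&2`. A short comment such as `# own PID namespace: any gpg-agent spawned by gpg is killed when gpg exits` would also explain why the wrapper is there. copy_hostconf continues past the end of this hunk.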