author | Eli Schwartz <eschwartz@archlinux.org> | 2019-05-06 14:51:28 -0400 |
---|---|---|
committer | Levente Polyak <anthraxx@archlinux.org> | 2019-08-09 19:41:53 +0200 |
commit | bec29e632b8c33d35a7629ac2127c4a9c1465377 (patch) | |
tree | bbde6f89de616869d249b3666c6f32e442001c97 | |
parent | 70f3b8ddb84d8bbfb44d250188667bb7ba0b1db3 (diff) | |
download | devtools-bec29e632b8c33d35a7629ac2127c4a9c1465377.tar.xz |
arch-nspawn: unshare the gpg namespace to prevent zombie processes
gpg-agent is really annoying and leaves useless copies of itself around.
Using unshare ensures that all such processes are killed as soon as the
main gpg process dies.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r-- | arch-nspawn.in | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/arch-nspawn.in b/arch-nspawn.in
index 8a87b96..5817143 100644
--- a/arch-nspawn.in
+++ b/arch-nspawn.in
@@ -97,7 +97,7 @@ build_mount_args() {
 }
 copy_hostconf () {
- gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
+ unshare --fork --pid gpg --homedir "$working_dir"/etc/pacman.d/gnupg/ --no-permission-warning --quiet --batch --import --import-options import-local-sigs "$(pacman-conf GpgDir)"/pubring.gpg >/dev/null 2>&1
 pacman-key --gpgdir "$working_dir"/etc/pacman.d/gnupg/ --import-trustdb "$(pacman-conf GpgDir)" >/dev/null 2>&1
 printf 'Server = %s\n' "${host_mirrors[@]}" >"$working_dir/etc/pacman.d/mirrorlist" |
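Review bot: The new `unshare --fork --pid` wrapper on the gpg import line adds a failure mode that the trailing `>/dev/null 2>&1` hides: if unshare cannot create the PID namespace (for example in a nested container, or when the caller lacks the privilege), gpg never runs and the chroot keyring is left without the host's keys, with no message and no checked exit status. Package signature verification inside the chroot depends on that keyring, so the failure should be surfaced, e.g. by appending `|| echo "copy_hostconf: importing host keyring failed" >&2` to the line or by dropping the `2>&1`. The `pacman-key --import-trustdb` call on the next line is not wrapped; whether it can also leave a gpg-agent behind cannot be told from this hunk, but it is worth checking. The body of copy_hostconf continues past the end of the hunk.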