mira/gentoo-pill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ok, rtfm

Browse Source
This commit is contained in:
Mira
2025-12-07 23:02:19 +06:00
parent 788990a075
commit b65f7bcb63
1 changed files with 29 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
binhost.sh
View File

@@ -92,21 +92,40 @@ init_container() {
echo "Running setup..."
podman exec "$CONTAINER_NAME" bash -c "
mkdir -p /root/.gnupg
chmod 700 /root/.gnupg
# needed for headless signing
echo 'allow-loopback-pinentry' > /root/.gnupg/gpg-agent.conf
gpg-connect-agent reloadagent /bye
gpg --batch --import /tmp/signing.key
mkdir -p /etc/portage/gnupg
gpg --export | gpg --homedir /etc/portage/gnupg --import
# really yikes man, i don't know what it's doing
# that it can't read trustdb
chmod 755 /etc/portage/gnupg
chmod 755 /root/.gnupg
find /etc/portage/gnupg -type f -exec chmod 666 {} +
FINGERPRINT=\$(gpg --with-colons --show-keys /tmp/signing.key | awk -F: '/^pub/ { print \$5 }' | head -n1)
echo \"\$FINGERPRINT:6:\" | gpg --homedir /etc/portage/gnupg --import-ownertrust
# import to root
gpg --batch --import /tmp/signing.key
mkdir -p /etc/portage/gnupg
chmod 700 /etc/portage/gnupg # Keep strict during import operations
# import to portage
gpg --homedir /etc/portage/gnupg --batch --import /tmp/signing.key
FINGERPRINT=\$(gpg --with-colons --show-keys /tmp/signing.key | awk -F: '/^fpr:/ { print \$10; exit }')
if [ -z \"\$FINGERPRINT\" ]; then
echo \"Error: Could not obtain fingerprint\"
exit 1
fi
# trust the key in root
echo \"\$FINGERPRINT:6:\" | gpg --batch --import-ownertrust
# trust the key in portage
echo \"\$FINGERPRINT:6:\" | gpg --homedir /etc/portage/gnupg --batch --import-ownertrust
gpg --homedir /etc/portage/gnupg --check-trustdb
chmod 700 /root/.gnupg
find /root/.gnupg -type f -exec chmod 600 {} +
chmod 755 /etc/portage/gnupg
find /etc/portage/gnupg -type f -exec chmod 644 {} +
if [[ ! -d /var/db/repos/gentoo/profiles ]]; then
emerge-webrsync -q
fi