[maemo-developers] gpg-agent in scratchbox?

[From: Thomas Perl]

Hi,

2011/10/2 Rainer Dorsch <rdorsch at web.de>:
> when building my packages (navit), dpkg-buildpackage asks for my gpg
> passphrase. Outstide of scratchbox this is handled through gpg-agent, but
> inside scratchbox that does not seem to work.
>
> Do all package builders enter manually their passphrases, or does sombody have
> a working gpg-agent setup? If yes, can you please provide details?

As Neal said, for most packages it's okay to not sign them (-us -uc)
if you don't publish them. To get your "outer" instance of gpg-agent
registered/visible inside scratchbox, you have to make sure to pass
the environment variable $GPG_AGENT_INFO into the scratchbox
environment. The way you could accomplish this is to do something like
this in your "outer" .bashrc:

echo "GPG_AGENT_INFO=$GPG_AGENT_INFO"
>/scratchbox/users/yourusername/home/yourusername/.gpg_agent_info

Then, in your "inner" (inside Scratchbox) .bashrc, you can simply add:

source ~/.gpg_agent_info

After this (and opening a new terminal or entering "source .bashrc" in
your "outer" shell) you should get this variable set when you enter
scratchbox, and gpg should try to ask your GPG Agent for data. The
same works for ssh-agent as well (actually, I have only set it up for
ssh-agent, but given that they follow the same principle with
environment variables, I'm pretty sure that this approach works for
gpg-agent as well). If it doesn't work, echo $GPG_AGENT_INFO inside
scratchbox and make sure that it is set.

If you don't use bash, use .profile instead or refer to your shell's
manpage about environment variables there. Also, if you are on a
multi-user system, make sure that the file ".gpg_agent_info" is only
writable by your user, otherwise a malicious user could write shell
script code there that gets executed as your user whenever you open
Scratchbox.

HTH :)
Thomas