Commit Graph

9 Commits

Author SHA1 Message Date
Ben Grande
a17f9f5250 feat: unattended qubes-builder build
Split-gpg2 allows to isolate GPG home directories. In the future,
enforcing this setting via drop-in configuration would be safer, depends
on https://github.com/QubesOS/qubes-issues/issues/8792.
2024-01-05 17:24:14 +01:00
Ben Grande
c1094046ee fix: add user to mock group 2024-01-05 11:07:27 +01:00
Ben Grande
6bb426a057 refactor: import armored gpg keys instead of db 2024-01-03 21:40:05 +01:00
Ben Grande
0eecbcffc4 fix: unconfined qfile-unpacker
Upstream-commit: 0648b2329f0d142a2e24ecf376b28603fb04abb4
2024-01-03 14:35:06 +01:00
Ben Grande
083285901c fix: remove old split-gpg from qubes-builder 2024-01-03 14:29:49 +01:00
Ben Grande
f8953c6acc doc: better usage of split-gpg2 in qubes-builder 2023-12-28 12:26:37 +01:00
Ben Grande
b52e4b1b63 fix: strict split-gpg2 service
Split-gpg V1 allowed for querying public keys, but as split-gpg2 is
running as an agent, public keys are not queried. Allowing connection to
the server to query only public parts of the key exposes the server more
than needed to the client.

All clients now have to hold the public key they need locally in order
to do GPG operations.
2023-12-28 11:47:41 +01:00
Ben Grande
b4d142b640 refactor: move appended states to drop-in rc.local 2023-12-19 22:50:59 +01:00
Ben Grande
5eebd789ed refactor: initial commit 2023-11-13 14:33:28 +00:00