diff options
| -rw-r--r-- | abrt.spec | 1 | ||||
| -rw-r--r-- | src/Daemon/Makefile.am | 4 | ||||
| -rw-r--r-- | src/Daemon/Settings.cpp | 29 | ||||
| -rw-r--r-- | src/Daemon/abrt.conf | 4 | ||||
| -rw-r--r-- | src/Daemon/gpg_keys | 1 |
5 files changed, 30 insertions, 9 deletions
@@ -277,6 +277,7 @@ fi %{_bindir}/%{name}-debuginfo-install %{_bindir}/%{name}-backtrace %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf +%config(noreplace) %{_sysconfdir}/%{name}/gpg_keys %config(noreplace) %{_sysconfdir}/dbus-1/system.d/dbus-%{name}.conf %{_initrddir}/%{name}d %dir %attr(0755, abrt, abrt) %{_localstatedir}/cache/%{name} diff --git a/src/Daemon/Makefile.am b/src/Daemon/Makefile.am index 18fcd81..235b01b 100644 --- a/src/Daemon/Makefile.am +++ b/src/Daemon/Makefile.am @@ -40,7 +40,9 @@ dbusabrtconfdir = ${sysconfdir}/dbus-1/system.d/ dist_dbusabrtconf_DATA = dbus-abrt.conf daemonconfdir = $(CONF_DIR) -dist_daemonconf_DATA = abrt.conf +dist_daemonconf_DATA = \ + abrt.conf \ + gpg_keys polkitconfdir = ${datadir}/polkit-1/actions dist_polkitconf_DATA = org.fedoraproject.abrt.policy diff --git a/src/Daemon/Settings.cpp b/src/Daemon/Settings.cpp index 6cf32a6..725c0d2 100644 --- a/src/Daemon/Settings.cpp +++ b/src/Daemon/Settings.cpp @@ -151,11 +151,6 @@ static void ParseCommon() { g_settings_bOpenGPGCheck = string_to_bool(it->second.c_str()); } - it = s_mapSectionCommon.find("OpenGPGPublicKeys"); - if (it != end) - { - g_settings_setOpenGPGPublicKeys = ParseList(it->second.c_str()); - } it = s_mapSectionCommon.find("BlackList"); if (it != end) { @@ -246,6 +241,26 @@ static void ParseAnalyzerActionsAndReporters() } } +static void LoadGPGKeys() +{ + std::ifstream fIn; + fIn.open(CONF_DIR"/gpg_keys"); + if (fIn.is_open()) + { + std::string line; + /* every line is one key + FIXME: make it more robust, it doesn't handle comments + */ + while (fIn.good()) + { + getline(fIn, line); + if (line[0] == '/') // probably the begining of path, so let's handle it as a key + g_settings_setOpenGPGPublicKeys.insert(line); + } + fIn.close(); + } +} + /* abrt daemon loads .conf file */ void LoadSettings() { @@ -255,7 +270,7 @@ void LoadSettings() { std::string line; std::string section; - while (!fIn.eof()) + while (fIn.good()) { getline(fIn, line); @@ -345,6 +360,8 @@ void LoadSettings() ParseCommon(); ParseAnalyzerActionsAndReporters(); ParseCron(); + if(g_settings_bOpenGPGCheck) + LoadGPGKeys(); } /* dbus call to retrieve .conf file data from daemon */ diff --git a/src/Daemon/abrt.conf b/src/Daemon/abrt.conf index c11afdf..2a3253c 100644 --- a/src/Daemon/abrt.conf +++ b/src/Daemon/abrt.conf @@ -1,9 +1,9 @@ [ Common ] # With this option set to "yes", # only crashes in signed packages will be analyzed. +# the list of public keys used to check the signature is +# in the file gpg_keys OpenGPGCheck = yes -# GPG keys -OpenGPGPublicKeys = /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora # Blacklisted packages BlackList = nspluginwrapper, valgrind, strace # Which database plugin to use diff --git a/src/Daemon/gpg_keys b/src/Daemon/gpg_keys new file mode 100644 index 0000000..cde50f1 --- /dev/null +++ b/src/Daemon/gpg_keys @@ -0,0 +1 @@ +/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora |