diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-07-22 20:50:08 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-07-22 20:50:08 +0200 |
| commit | 2ae0deb4f8bd7b21004f5bdb40585c83ca46d48b (patch) | |
| tree | 30aa91430c0f0bb3dbf5ded8ce8e4d4b6a0b75ad /roles/installer | |
| parent | switch to explicit python interpreter handling (diff) | |
switch from gpg --verify to gpgv
Diffstat (limited to 'roles/installer')
| -rw-r--r-- | roles/installer/debian/base/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/installer/debian/fetch/tasks/verify-debian.yml | 5 | ||||
| -rw-r--r-- | roles/installer/debian/fetch/tasks/verify-ubuntu.yml | 5 |
3 files changed, 9 insertions, 6 deletions
diff --git a/roles/installer/debian/base/tasks/main.yml b/roles/installer/debian/base/tasks/main.yml index 119b3670..662b8acb 100644 --- a/roles/installer/debian/base/tasks/main.yml +++ b/roles/installer/debian/base/tasks/main.yml @@ -1,4 +1,9 @@ --- +- name: install gpgv + apt: + name: gpgv + state: present + - name: prepare directory keyrings file: name: "{{ installer_base_path }}/keyrings" diff --git a/roles/installer/debian/fetch/tasks/verify-debian.yml b/roles/installer/debian/fetch/tasks/verify-debian.yml index 9aef7962..917421bc 100644 --- a/roles/installer/debian/fetch/tasks/verify-debian.yml +++ b/roles/installer/debian/fetch/tasks/verify-debian.yml @@ -10,9 +10,8 @@ - name: verfiy signature of Release file command: >- - gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null - --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/debian-{{ install_codename }}.gpg" - --verify "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release" + gpgv --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/debian-{{ install_codename }}.gpg" + "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release" changed_when: False register: debian_installer_gpg_result diff --git a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml index 6c6500ea..669c722b 100644 --- a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml +++ b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml @@ -10,9 +10,8 @@ - name: verfiy signature of SHA256SUMS.gpg file command: >- - gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null - --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg" - --verify "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS" + gpgv --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg" + "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS" changed_when: False register: debian_installer_gpg_result |