summaryrefslogtreecommitdiff
path: root/roles/installer
diff options
context:
space:
mode:
Diffstat (limited to 'roles/installer')
-rw-r--r--roles/installer/debian/base/tasks/main.yml5
-rw-r--r--roles/installer/debian/fetch/tasks/verify-debian.yml5
-rw-r--r--roles/installer/debian/fetch/tasks/verify-ubuntu.yml5
3 files changed, 9 insertions, 6 deletions
diff --git a/roles/installer/debian/base/tasks/main.yml b/roles/installer/debian/base/tasks/main.yml
index 119b3670..662b8acb 100644
--- a/roles/installer/debian/base/tasks/main.yml
+++ b/roles/installer/debian/base/tasks/main.yml
@@ -1,4 +1,9 @@
---
+- name: install gpgv
+ apt:
+ name: gpgv
+ state: present
+
- name: prepare directory keyrings
file:
name: "{{ installer_base_path }}/keyrings"
diff --git a/roles/installer/debian/fetch/tasks/verify-debian.yml b/roles/installer/debian/fetch/tasks/verify-debian.yml
index 9aef7962..917421bc 100644
--- a/roles/installer/debian/fetch/tasks/verify-debian.yml
+++ b/roles/installer/debian/fetch/tasks/verify-debian.yml
@@ -10,9 +10,8 @@
- name: verfiy signature of Release file
command: >-
- gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null
- --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/debian-{{ install_codename }}.gpg"
- --verify "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release"
+ gpgv --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/debian-{{ install_codename }}.gpg"
+ "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release"
changed_when: False
register: debian_installer_gpg_result
diff --git a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
index 6c6500ea..669c722b 100644
--- a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
+++ b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
@@ -10,9 +10,8 @@
- name: verfiy signature of SHA256SUMS.gpg file
command: >-
- gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null
- --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg"
- --verify "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS"
+ gpgv --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg"
+ "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS"
changed_when: False
register: debian_installer_gpg_result
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 06:04:36 +0000