mirror of
https://github.com/jessfraz/dockerfiles.git
synced 2024-11-27 04:16:45 +01:00
fix gpg --no-tty
Signed-off-by: Jess Frazelle <acidburn@google.com>
This commit is contained in:
parent
731e07fa40
commit
682475d05b
|
@ -9,7 +9,7 @@ RUN apt-get update && apt-get install -y \
|
||||||
--no-install-recommends
|
--no-install-recommends
|
||||||
|
|
||||||
RUN export GNUPGHOME="$(mktemp -d)" \
|
RUN export GNUPGHOME="$(mktemp -d)" \
|
||||||
&& gpg --keyserver pgp.mit.edu --recv-key A2CFB51FA275A7286234E7B24D17C995CD9775F2 \
|
&& gpg --no-tty --keyserver pgp.mit.edu --recv-key A2CFB51FA275A7286234E7B24D17C995CD9775F2 \
|
||||||
&& ( \
|
&& ( \
|
||||||
cd /tmp \
|
cd /tmp \
|
||||||
&& curl -O https://dl.eff.org/certbot-auto \
|
&& curl -O https://dl.eff.org/certbot-auto \
|
||||||
|
|
|
@ -39,7 +39,7 @@ RUN set -x \
|
||||||
&& curl -sSL "https://github.com/irssi/irssi/releases/download/${IRSSI_VERSION}/irssi-${IRSSI_VERSION}.tar.xz.asc" -o /tmp/irssi.tar.xz.asc \
|
&& curl -sSL "https://github.com/irssi/irssi/releases/download/${IRSSI_VERSION}/irssi-${IRSSI_VERSION}.tar.xz.asc" -o /tmp/irssi.tar.xz.asc \
|
||||||
&& export GNUPGHOME="$(mktemp -d)" \
|
&& export GNUPGHOME="$(mktemp -d)" \
|
||||||
# gpg: key DDBEF0E1: public key "The Irssi project <staff@irssi.org>" imported
|
# gpg: key DDBEF0E1: public key "The Irssi project <staff@irssi.org>" imported
|
||||||
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 7EE65E3082A5FB06AC7C368D00CCB587DDBEF0E1 \
|
&& gpg --no-tty --keyserver ha.pool.sks-keyservers.net --recv-keys 7EE65E3082A5FB06AC7C368D00CCB587DDBEF0E1 \
|
||||||
&& gpg --batch --verify /tmp/irssi.tar.xz.asc /tmp/irssi.tar.xz \
|
&& gpg --batch --verify /tmp/irssi.tar.xz.asc /tmp/irssi.tar.xz \
|
||||||
&& rm -r "$GNUPGHOME" /tmp/irssi.tar.xz.asc \
|
&& rm -r "$GNUPGHOME" /tmp/irssi.tar.xz.asc \
|
||||||
&& mkdir -p /usr/src \
|
&& mkdir -p /usr/src \
|
||||||
|
@ -60,7 +60,7 @@ RUN set -x \
|
||||||
&& curl -sSL "https://otr.cypherpunks.ca/libotr-${LIB_OTR_VERSION}.tar.gz.asc" -o /tmp/libotr.tar.gz.asc \
|
&& curl -sSL "https://otr.cypherpunks.ca/libotr-${LIB_OTR_VERSION}.tar.gz.asc" -o /tmp/libotr.tar.gz.asc \
|
||||||
&& export GNUPGHOME="$(mktemp -d)" \
|
&& export GNUPGHOME="$(mktemp -d)" \
|
||||||
# gpg: key 42C2ABAD: public key "OTR Dev Team (Signing Key) <otr@cypherpunks.ca>" imported
|
# gpg: key 42C2ABAD: public key "OTR Dev Team (Signing Key) <otr@cypherpunks.ca>" imported
|
||||||
&& gpg --keyserver pgp.mit.edu --recv-keys 22DF3305DF56667CE15784FCF24DE08F42C2ABAD \
|
&& gpg --no-tty --keyserver pgp.mit.edu --recv-keys 22DF3305DF56667CE15784FCF24DE08F42C2ABAD \
|
||||||
&& gpg --batch --verify /tmp/libotr.tar.gz.asc /tmp/libotr.tar.gz \
|
&& gpg --batch --verify /tmp/libotr.tar.gz.asc /tmp/libotr.tar.gz \
|
||||||
&& rm -r "$GNUPGHOME" /tmp/libotr.tar.gz.asc \
|
&& rm -r "$GNUPGHOME" /tmp/libotr.tar.gz.asc \
|
||||||
&& mkdir -p /usr/src/libotr \
|
&& mkdir -p /usr/src/libotr \
|
||||||
|
|
|
@ -81,7 +81,7 @@ install_kernel(){
|
||||||
curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
|
curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
|
||||||
curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
|
curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
|
||||||
# add the gpg key
|
# add the gpg key
|
||||||
gpg --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
|
gpg --no-tty --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
|
||||||
# verify the patch
|
# verify the patch
|
||||||
gpg --verify $grsecdir/grsecurity.patch.sig
|
gpg --verify $grsecdir/grsecurity.patch.sig
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -40,7 +40,7 @@ RUN buildDeps=' \
|
||||||
&& curl -sSL "https://ricochet.im/releases/${RICOCHET_VERSION}/ricochet-${RICOCHET_VERSION}-linux-x86_64.tar.bz2.asc" -o /tmp/ricochet.tar.bz2.asc \
|
&& curl -sSL "https://ricochet.im/releases/${RICOCHET_VERSION}/ricochet-${RICOCHET_VERSION}-linux-x86_64.tar.bz2.asc" -o /tmp/ricochet.tar.bz2.asc \
|
||||||
&& export GNUPGHOME="$(mktemp -d)" \
|
&& export GNUPGHOME="$(mktemp -d)" \
|
||||||
&& chmod 600 "${GNUPGHOME}" \
|
&& chmod 600 "${GNUPGHOME}" \
|
||||||
&& curl -sSL https://ricochet.im/john-brooks.asc | gpg --import \
|
&& curl -sSL https://ricochet.im/john-brooks.asc | gpg --no-tty --import \
|
||||||
&& gpg --fingerprint --keyid-format LONG ${RICOCHET_FINGERPRINT} | grep "9032 CAE4 CBFA 933A 5A21 45D5 FF97 C53F 183C 045D" \
|
&& gpg --fingerprint --keyid-format LONG ${RICOCHET_FINGERPRINT} | grep "9032 CAE4 CBFA 933A 5A21 45D5 FF97 C53F 183C 045D" \
|
||||||
&& gpg --verify /tmp/ricochet.tar.bz2.asc \
|
&& gpg --verify /tmp/ricochet.tar.bz2.asc \
|
||||||
&& tar -vxj --strip-components 1 -C /usr/local/bin -f /tmp/ricochet.tar.bz2 \
|
&& tar -vxj --strip-components 1 -C /usr/local/bin -f /tmp/ricochet.tar.bz2 \
|
||||||
|
|
|
@ -21,7 +21,7 @@ RUN set -x \
|
||||||
zlib-dev \
|
zlib-dev \
|
||||||
&& curl -sSL "https://www.tarsnap.com/download/tarsnap-autoconf-${TARSNAP_VERSION}.tgz" -o /tmp/tarsnap.tgz \
|
&& curl -sSL "https://www.tarsnap.com/download/tarsnap-autoconf-${TARSNAP_VERSION}.tgz" -o /tmp/tarsnap.tgz \
|
||||||
&& curl -sSL "https://www.tarsnap.com/download/tarsnap-sigs-${TARSNAP_VERSION}.asc" -o /tmp/tarsnap.tgz.asc \
|
&& curl -sSL "https://www.tarsnap.com/download/tarsnap-sigs-${TARSNAP_VERSION}.asc" -o /tmp/tarsnap.tgz.asc \
|
||||||
&& curl -sSL "https://www.tarsnap.com/tarsnap-signing-key-2015.asc" | gpg --import \
|
&& curl -sSL "https://www.tarsnap.com/tarsnap-signing-key-2015.asc" | gpg --no-tty --import \
|
||||||
&& sha=$(gpg --decrypt /tmp/tarsnap.tgz.asc | awk '{ print $4 }') \
|
&& sha=$(gpg --decrypt /tmp/tarsnap.tgz.asc | awk '{ print $4 }') \
|
||||||
&& if [ "$sha" != "$(shasum -a 256 /tmp/tarsnap.tgz | awk '{ print $1 }')" ]; then exit 1; fi \
|
&& if [ "$sha" != "$(shasum -a 256 /tmp/tarsnap.tgz | awk '{ print $1 }')" ]; then exit 1; fi \
|
||||||
&& mkdir -p /usr/src/tarsnap \
|
&& mkdir -p /usr/src/tarsnap \
|
||||||
|
|
|
@ -36,7 +36,7 @@ RUN cd /tmp \
|
||||||
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz" \
|
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz" \
|
||||||
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc" \
|
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc" \
|
||||||
&& mkdir ~/.gnupg \
|
&& mkdir ~/.gnupg \
|
||||||
&& gpg --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
&& gpg --no-tty --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
||||||
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
||||||
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc \
|
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc \
|
||||||
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz \
|
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz \
|
||||||
|
|
|
@ -36,7 +36,7 @@ RUN cd /tmp \
|
||||||
&& curl -sSOL "https://dist.torproject.org/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz" \
|
&& curl -sSOL "https://dist.torproject.org/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz" \
|
||||||
&& curl -sSOL "https://dist.torproject.org/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz.asc" \
|
&& curl -sSOL "https://dist.torproject.org/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz.asc" \
|
||||||
&& mkdir ~/.gnupg \
|
&& mkdir ~/.gnupg \
|
||||||
&& gpg --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
&& gpg --no-tty --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
||||||
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
||||||
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz.asc \
|
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz.asc \
|
||||||
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz \
|
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz \
|
||||||
|
|
|
@ -36,7 +36,7 @@ RUN cd /tmp \
|
||||||
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz" \
|
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz" \
|
||||||
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc" \
|
&& curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc" \
|
||||||
&& mkdir ~/.gnupg \
|
&& mkdir ~/.gnupg \
|
||||||
&& gpg --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
&& gpg --no-tty --keyserver "hkp://pool.sks-keyservers.net" --recv-keys ${TOR_FINGERPRINT} \
|
||||||
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
&& gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290" \
|
||||||
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc \
|
&& gpg --verify tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc \
|
||||||
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz \
|
&& tar -vxJ --strip-components 1 -C /usr/local/bin -f tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz \
|
||||||
|
|
|
@ -36,7 +36,7 @@ RUN cd /tmp && \
|
||||||
curl -sSOL https://dist.torproject.org/tormessenger/${TOR_VERSION}/sha256sums-unsigned-build.txt && \
|
curl -sSOL https://dist.torproject.org/tormessenger/${TOR_VERSION}/sha256sums-unsigned-build.txt && \
|
||||||
curl -sSOL https://dist.torproject.org/tormessenger/${TOR_VERSION}/sha256sums-unsigned-build.txt.asc && \
|
curl -sSOL https://dist.torproject.org/tormessenger/${TOR_VERSION}/sha256sums-unsigned-build.txt.asc && \
|
||||||
mkdir ~/.gnupg && \
|
mkdir ~/.gnupg && \
|
||||||
gpg --keyserver pgp.mit.edu --recv-keys ${TOR_FINGERPRINT} || \
|
gpg --no-tty --keyserver pgp.mit.edu --recv-keys ${TOR_FINGERPRINT} || \
|
||||||
gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = E4AC D397 5427 A5BA 8450 A1BE B01C 8B00 6DA7 7FAA" && \
|
gpg --fingerprint --keyid-format LONG ${TOR_FINGERPRINT} | grep "Key fingerprint = E4AC D397 5427 A5BA 8450 A1BE B01C 8B00 6DA7 7FAA" && \
|
||||||
gpg --verify sha256sums-unsigned-build.txt.asc && \
|
gpg --verify sha256sums-unsigned-build.txt.asc && \
|
||||||
grep $(sha256sum tor-messenger-linux64-${TOR_VERSION}_en-US.tar.xz) sha256sums-unsigned-build.txt && \
|
grep $(sha256sum tor-messenger-linux64-${TOR_VERSION}_en-US.tar.xz) sha256sums-unsigned-build.txt && \
|
||||||
|
|
Loading…
Reference in New Issue
Block a user