By default GPG will continue to perform actions against our default keyring.
During the keychain import stage this results in the export of both the
keyring for the repository we're working on, plus our own default keyring.
The import phase then continues to import all these exported keys, which
include the entries from our default keyring, for which all those entries
already exist. If you have a lot of keys in your default keyring this takes a
long time, and can be noisy due to validation, yet offers absolutely no value.
To avoid all this overhead we only need to pass the `--no-default-keyring`
option to GPG during this export phase. The result will still be what we're
expecting - i.e. that all entries from the repository pubring are imported
into our default keyring.
Previously the keychain import appears to have redirected stderr to stdout,
silenced lines that indicate a key has 'not changed' then send the output back
to stdout. This behaviour has been carried over to the new GnuPG-2.1
compatible implementation.
* Use the `rm` command with `-P` as a shred fallback
The newer versions of OSX (Sierra) have neither `shred` nor `srm`.
They do have `rm` with the `-P` option, so we can fall back to that
before resorting to plain old `rm`.
* Add double-quotes and braces to the shell variable.
We should treat the variable as a string, and we should also be safe
when interpolating it.
* Requiring a file to be entered to finish editing
Running blackbox_edit_end without an argument doesn't currently print out a warning that no files are being changed. A developer in my team who was new to Blackbox committed a decrypted file (and made no changes to the GPG file) as they didn't realise the command hadn't worked.
The check I've added should help to avoid these errors.
* Adding argument check to start editing
Otherwise, somebody with neither shred nor srm installed could blithely
go on using Blackbox assuming that their working copies are getting
securely deleted.
If you install Git for Windows (https://git-for-windows.github.io/) you get a console
,either CMD or MINTT, which returns MINGW* for uname -s. So if you run blackbox_addadmin
or the other commands, you'll get: "ERROR: Unknown OS. Exiting."
I've simply added MINGW* to the Linux and CYGWIN checks and it seems to work fine.
NOTE: I didn't touch tools/test_functions.sh allthough it should probably be updated as well.
Use same naming scheme as elsewhere when creating tempfiles.
This fixes deregistering files, when seeing:
```
mktemp: too few X's in template ‘_stacklib_’
```
If a user has $EDITOR set to e.g "subl --wait", then "$EDITOR" (with
quotes) will fail with error "command not found: subl --wait". In other
words, it looks for an executable containing the space and the --wait in
it.
Simply removing the quotes seems to work fine.
This prevents the "mktemp: too few X's in template
_stacklib_" error message from appearing when
adding another admin to blackbox and allows the command to successfully
execute.
Related:
rtomayko/shocco#5http://unix.stackexchange.com/q/87638/63283
* Split out test helper functions into tools/test_functions.sh
* bin/_blackbox_common_test.sh: Unit-tests for functions.
* blackbox_postdeploy: Use cp_permissions instead of chmod --reference
