1 From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 Date: Mon, 17 Apr 2017 10:51:55 -0400
3 Subject: g10: remove skeleton options files
5 * build-aux/speed/w32/inst.nsi: stop installing skeleton files.
6 * doc/gpg.texi: stop documenting skeleton files.
7 * g10/Makefile.am: stop installing skeleton files.
8 * g10/openfile.c (copy_options_file): Remove.
9 (try_make_homedir): do not call copy_options_file()
11 The defaults for gpg and dirmngr are good. Both programs should work
12 fine for the simple case without any config file. The skeleton config
13 files were being copied at first use (when the defaults are fine).
14 But when the user needs to fiddle with them (after they've become
15 sophisticated users), they're likely out of date because gpg has been
16 upgraded since then. So they're used for documentation, but they're
17 stale documentation, which is probably worse than a clean empty file.
22 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
24 build-aux/speedo/w32/inst.nsi | 2 -
26 g10/Makefile.am | 8 +--
27 g10/dirmngr-conf.skel | 69 ---------------------
28 g10/openfile.c | 102 -------------------------------
29 g10/options.skel | 139 ------------------------------------------
30 6 files changed, 1 insertion(+), 323 deletions(-)
31 delete mode 100644 g10/dirmngr-conf.skel
32 delete mode 100644 g10/options.skel
34 diff --git a/build-aux/speedo/w32/inst.nsi b/build-aux/speedo/w32/inst.nsi
35 index 164e26b..779c759 100644
36 --- a/build-aux/speedo/w32/inst.nsi
37 +++ b/build-aux/speedo/w32/inst.nsi
38 @@ -607,8 +607,6 @@ Section "GnuPG" SEC_gnupg
39 Rename /REBOOTOK scdaemon.exe.tmp scdaemon.exe
41 SetOutPath "$INSTDIR\share\gnupg"
42 - File "share/gnupg/gpg-conf.skel"
43 - File "share/gnupg/dirmngr-conf.skel"
44 File "share/gnupg/distsigkey.gpg"
46 SetOutPath "$INSTDIR\share\locale\ca\LC_MESSAGES"
47 diff --git a/doc/gpg.texi b/doc/gpg.texi
48 index c591049..a7d78c4 100644
51 @@ -3452,10 +3452,6 @@ files; They all live in in the current home directory (@pxref{option
52 You should backup all files in this directory and take care to keep
53 this backup closed away.
55 - @item @value{DATADIR}/options.skel
56 - @efindex options.skel
57 - The skeleton options file.
61 Operation is further controlled by a few environment variables:
62 diff --git a/g10/Makefile.am b/g10/Makefile.am
63 index 604be93..19c5c78 100644
68 ## Process this file with automake to produce Makefile.in
70 -EXTRA_DIST = options.skel dirmngr-conf.skel distsigkey.gpg \
71 +EXTRA_DIST = distsigkey.gpg \
72 ChangeLog-2011 gpg-w32info.rc \
73 gpg.w32-manifest.in test.c t-keydb-keyring.kbx \
74 t-keydb-get-keyblock.gpg t-stutter-data.asc
75 @@ -238,18 +238,12 @@ install-exec-hook:
78 $(mkinstalldirs) $(DESTDIR)$(pkgdatadir)
79 - $(INSTALL_DATA) $(srcdir)/options.skel \
80 - $(DESTDIR)$(pkgdatadir)/gpg-conf.skel
81 - $(INSTALL_DATA) $(srcdir)/dirmngr-conf.skel \
82 - $(DESTDIR)$(pkgdatadir)/dirmngr-conf.skel
83 $(INSTALL_DATA) $(srcdir)/distsigkey.gpg \
84 $(DESTDIR)$(pkgdatadir)/distsigkey.gpg
86 # NB: For uninstalling gpg and gpgv we use -local because there is
87 # no need for a specific order the targets need to be run.
89 - -@rm $(DESTDIR)$(pkgdatadir)/gpg-conf.skel
90 - -@rm $(DESTDIR)$(pkgdatadir)/dirmngr-conf.skel
91 -@rm $(DESTDIR)$(pkgdatadir)/distsigkey.gpg
92 -@files=`for p in $(gpg2_hack_uninst); do echo "$$p"; done | \
93 sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
94 diff --git a/g10/dirmngr-conf.skel b/g10/dirmngr-conf.skel
95 deleted file mode 100644
96 index fbb730b..0000000
97 --- a/g10/dirmngr-conf.skel
100 -# dirmngr-conf.skel - Skeleton to create dirmngr.conf.
101 -# (Note that the first three lines are not copied.)
103 -# dirmngr.conf - Options for Dirmngr
104 -# Written in 2015 by The GnuPG Project <https://gnupg.org>
106 -# To the extent possible under law, the authors have dedicated all
107 -# copyright and related and neighboring rights to this file to the
108 -# public domain worldwide. This file is distributed without any
109 -# warranty. You should have received a copy of the CC0 Public Domain
110 -# Dedication along with this file. If not, see
111 -# <http://creativecommons.org/publicdomain/zero/1.0/>.
114 -# Unless you specify which option file to use (with the command line
115 -# option "--options filename"), the file ~/.gnupg/dirmngr.conf is used
116 -# by dirmngr. The file can contain any long options which are valid
117 -# for Dirmngr. If the first non white space character of a line is a
118 -# '#', the line is ignored. Empty lines are also ignored. See the
119 -# dirmngr man page or the manual for a list of options.
124 -# GPG can send and receive keys to and from a keyserver. These
125 -# servers can be HKP, Email, or LDAP (if GnuPG is built with LDAP
128 -# Example HKP keyservers:
129 -# hkp://keys.gnupg.net
131 -# Example HKP keyserver using a Tor OnionBalance service
132 -# hkp://jirk5u4osbsr34t5.onion
134 -# Example HKPS keyservers (see --hkp-cacert below):
135 -# hkps://hkps.pool.sks-keyservers.net
137 -# Example LDAP keyservers:
138 -# ldap://pgp.surfnet.nl:11370
140 -# Regular URL syntax applies, and you can set an alternate port
141 -# through the usual method:
142 -# hkp://keyserver.example.net:22742
144 -# Most users just set the name and type of their preferred keyserver.
145 -# Note that most servers (with the notable exception of
146 -# ldap://keyserver.pgp.com) synchronize changes with each other. Note
147 -# also that a single server name may actually point to multiple
148 -# servers via DNS round-robin. hkp://keys.gnupg.net is an example of
149 -# such a "server", which spreads the load over a number of physical
152 -# If exactly two keyservers are configured and only one is a Tor hidden
153 -# service, Dirmngr selects the keyserver to use depending on whether
154 -# Tor is locally running or not (on a per session base).
156 -keyserver hkp://jirk5u4osbsr34t5.onion
157 -keyserver hkp://keys.gnupg.net
159 -# --hkp-cacert FILENAME
161 -# For the "hkps" scheme (keyserver access over TLS), Dirmngr needs to
162 -# know the root certificates for verification of the TLS certificates
163 -# used for the connection. Enter the full name of a file with the
164 -# root certificates here. If that file is in PEM format a ".pem"
165 -# suffix is expected. This option may be given multiple times to add
166 -# more root certificates. Tilde expansion is supported.
168 -#hkp-cacert /path/to/CA/sks-keyservers.netCA.pem
169 diff --git a/g10/openfile.c b/g10/openfile.c
170 index f62deec..2e8c102 100644
177 -#ifdef USE_ONLY_8DOT3
178 -#define SKELEXT ".skl"
180 -#define SKELEXT EXTSEP_S "skel"
183 #ifdef HAVE_W32_SYSTEM
184 #define NAME_OF_DEV_NULL "nul"
186 @@ -373,93 +367,6 @@ open_sigfile (const char *sigfilename, progress_filter_context_t *pfx)
191 - * Copy the option file skeleton for NAME to the given directory.
192 - * Returns true if the new option file has any option.
195 -copy_options_file (const char *destdir, const char *name)
197 - const char *datadir = gnupg_datadir ();
204 - int any_option = 0;
209 - fname = xstrconcat (datadir, DIRSEP_S, name, "-conf", SKELEXT, NULL);
210 - src = fopen (fname, "r");
211 - if (src && is_secured_file (fileno (src)))
215 - gpg_err_set_errno (EPERM);
219 - log_info (_("can't open '%s': %s\n"), fname, strerror(errno));
224 - fname = xstrconcat (destdir, DIRSEP_S, name, EXTSEP_S, "conf", NULL);
226 - oldmask = umask (077);
227 - if (is_secured_filename (fname))
230 - gpg_err_set_errno (EPERM);
233 - dst = fopen( fname, "w" );
238 - log_info (_("can't create '%s': %s\n"), fname, strerror(errno) );
244 - while ((c = getc (src)) != EOF)
258 - if (c == ' ' || c == '\t')
271 - log_info (_("new configuration file '%s' created\n"), fname);
278 try_make_homedir (const char *fname)
280 @@ -489,15 +396,6 @@ try_make_homedir (const char *fname)
281 fname, strerror(errno) );
282 else if (!opt.quiet )
283 log_info ( _("directory '%s' created\n"), fname );
285 - /* Note that we also copy a dirmngr.conf file here. This is
286 - because gpg is likely the first invoked tool and thus creates
288 - copy_options_file (fname, DIRMNGR_NAME);
289 - if (copy_options_file (fname, GPG_NAME))
290 - log_info (_("WARNING: options in '%s'"
291 - " are not yet active during this run\n"),
296 diff --git a/g10/options.skel b/g10/options.skel
297 deleted file mode 100644
298 index 87fc627..0000000
299 --- a/g10/options.skel
302 -# These first three lines are not copied to the gpg.conf file in
303 -# the users home directory.
306 -# Copyright 1998-2003, 2010 Free Software Foundation, Inc.
307 -# Copyright 1998-2003, 2010 Werner Koch
309 -# This file is free software; as a special exception the author gives
310 -# unlimited permission to copy and/or distribute it, with or without
311 -# modifications, as long as this notice is preserved.
313 -# This file is distributed in the hope that it will be useful, but
314 -# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
315 -# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
317 -# Unless you specify which option file to use (with the command line
318 -# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
321 -# An options file can contain any long options which are available in
322 -# GnuPG. If the first non white space character of a line is a '#',
323 -# this line is ignored. Empty lines are also ignored.
325 -# See the gpg man page for a list of options.
328 -# If you have more than 1 secret key in your keyring, you may want to
329 -# uncomment the following option and set your preferred keyid.
331 -#default-key 621CC013
334 -# If you do not pass a recipient to gpg, it will ask for one. Using
335 -# this option you can encrypt to a default key. Key validation will
336 -# not be done in this case. The second form uses the default key as
337 -# default recipient.
339 -#default-recipient some-user-id
340 -#default-recipient-self
343 -# Group names may be defined like this:
344 -# group mynames = paige 0x12345678 joe patti
346 -# Any time "mynames" is a recipient (-r or --recipient), it will be
347 -# expanded to the names "paige", "joe", and "patti", and the key ID
348 -# "0x12345678". Note there is only one level of expansion - you
349 -# cannot make an group that points to another group. Note also that
350 -# if there are spaces in the recipient name, this will appear as two
351 -# recipients. In these cases it is better to use the key ID.
353 -#group mynames = paige 0x12345678 joe patti
356 -# GnuPG can automatically locate and retrieve keys as needed using
357 -# this option. This happens when encrypting to an email address (in
358 -# the "user@@example.com" form) and there are no keys matching
359 -# "user@example.com" in the local keyring. This option takes any
360 -# number mechanisms which are tried in the given order. The default
361 -# is "--auto-key-locate local" to search for keys only in the local
362 -# key database. Uncomment the next line to locate a missing key using
363 -# two DNS based mechanisms.
365 -#auto-key-locate local,pka,dane
368 -# Common options for keyserver functions:
369 -# (Note that the --keyserver option has been moved to dirmngr.conf)
371 -# include-disabled = when searching, include keys marked as "disabled"
372 -# on the keyserver (not all keyservers support this).
374 -# no-include-revoked = when searching, do not include keys marked as
375 -# "revoked" on the keyserver.
377 -# verbose = show more information as the keys are fetched.
378 -# Can be used more than once to increase the amount
379 -# of information shown.
381 -# auto-key-retrieve = automatically fetch keys as needed from the keyserver
382 -# when verifying signatures or when importing keys that
383 -# have been revoked by a revocation key that is not
384 -# present on the keyring.
386 -# no-include-attributes = do not include attribute IDs (aka "photo IDs")
387 -# when sending keys to the keyserver.
389 -#keyserver-options auto-key-retrieve
392 -# Uncomment this line to display photo user IDs in key listings and
393 -# when a signature from a key with a photo is verified.
398 -# Use this program to display photo user IDs
400 -# %i is expanded to a temporary file that contains the photo.
401 -# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
402 -# %k is expanded to the key ID of the key.
403 -# %K is expanded to the long OpenPGP key ID of the key.
404 -# %t is expanded to the extension of the image (e.g. "jpg").
405 -# %T is expanded to the MIME type of the image (e.g. "image/jpeg").
406 -# %f is expanded to the fingerprint of the key.
407 -# %% is %, of course.
409 -# If %i or %I are not present, then the photo is supplied to the
410 -# viewer on standard input. If your platform supports it, standard
411 -# input is the best way to do this as it avoids the time and effort in
412 -# generating and then cleaning up a secure temp file.
414 -# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
415 -# On Mac OS X and Windows, the default is to use your regular JPEG image
418 -# Some other viewers:
419 -# photo-viewer "qiv %i"
420 -# photo-viewer "ee %i"
421 -# photo-viewer "display -title 'KeyID 0x%k'"
423 -# This one saves a copy of the photo ID in your home directory:
424 -# photo-viewer "cat > ~/photoid-for-key-%k.%t"
426 -# Use your MIME handler to view photos:
427 -# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
430 -# Because some mailers change lines starting with "From " to ">From "
431 -# it is good to handle such lines in a special way when creating
432 -# cleartext signatures; all other PGP versions do it this way too.
433 -# To enable full OpenPGP compliance you may want to use this option.
435 -#no-escape-from-lines
438 -# Uncomment the following option to get rid of the copyright notice