From 31d727247befa619293a254d0f6004c96e9789b6 2018-12-24 12:04:18 From: Branko Majic Date: 2018-12-24 12:04:18 Subject: [PATCH] Noticket: Fix the invocation of GnuPG to use the --no-tty option: - At least in some cases GnuPG would otherwise fail to run. --- diff --git a/docs/releasenotes.rst b/docs/releasenotes.rst index d7e2322a19252cc42bf38df271edfb7da76d9cdd..22803338bcdf286ae5e886436258bdf0966adaa9 100644 --- a/docs/releasenotes.rst +++ b/docs/releasenotes.rst @@ -5,6 +5,13 @@ Release notes NEXT RELEASE ------------ +Bug fixes: + +* ``backup_client`` role + + * Avoid errors related to lack of ``tty`` when invoking the GnuPG + utility by using the ``--no-tty`` option. + 3.1.0 ----- diff --git a/roles/backup_client/handlers/main.yml b/roles/backup_client/handlers/main.yml index 50f61d69f87cabb08b13a0aaeff4bb18a4f5433d..cd9e1ddd66d42f1a0b9cacf35bbfa48418bf63fd 100644 --- a/roles/backup_client/handlers/main.yml +++ b/roles/backup_client/handlers/main.yml @@ -6,7 +6,7 @@ import_tasks: cleanup_gnupg.yml - name: Import private keys - command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc" + command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc" tags: # [ANSIBLE0012] Commands should not change things if nothing needs doing # This task is invoked only if user is very specific about requiring to @@ -15,5 +15,5 @@ - skip_ansible_lint - name: Import public keys - command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc" + command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc" when: backup_additional_encryption_keys diff --git a/roles/backup_client/tasks/main.yml b/roles/backup_client/tasks/main.yml index b01cff9512f01a6dc81c4e2efc31ceeca0b0b4e9..57abda0611a3bb17e1053604ddac7594824d7251 100644 --- a/roles/backup_client/tasks/main.yml +++ b/roles/backup_client/tasks/main.yml @@ -53,14 +53,14 @@ - Import public keys - name: Extract encryption key identifier (Duplicty requires key ID in hexadecimal format) - shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/private_keys.asc | grep keyid: | + shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/private_keys.asc | grep keyid: | head -n1 | sed -e 's/.*: //' | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//'" register: backup_encryption_key_id changed_when: false failed_when: backup_encryption_key_id.stdout == "" - name: Extract additional encryption keys identifiers (Duplicty requires key ID in hexadecimal format) - shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: | + shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/public_keys.asc | grep keyid: | sed -e 's/.*: //' | sort -u | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//' | tr '\n' ',' | sed -e 's/,$//'" when: backup_additional_encryption_keys register: backup_additional_encryption_keys_ids