Merge pull request #815 from ajeddeloh/minor-fix

sdk/enter: unconditionally unset GNUGHOME

sdk/create.go

@@ -69,7 +69,7 @@ COREOS_BUILD_ID COREOS_OFFICIAL \
 EMAIL GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME \
 GIT_COMMITTER_EMAIL GIT_COMMITTER_NAME \
 GIT_PROXY_COMMAND GIT_SSH RSYNC_PROXY \
-GNUPGHOME GPG_AGENT_INFO SSH_AUTH_SOCK \
+SSH_AUTH_SOCK \
 BOTO_PATH GOOGLE_APPLICATION_CREDENTIALS \
 USE FEATURES PORTAGE_USERNAME \
 all_proxy ftp_proxy http_proxy https_proxy no_proxy"

sdk/enter.go

@@ -182,19 +182,25 @@ func (e *enter) mountGnupg() error {
 		origHome = filepath.Join(e.User.HomeDir, ".gnupg")
 	}
 
+	// gpg misbehaves in the SDK with GNUPGHOME set to anything but
+	// ~/.gnupg. New SDKs don't encounter this problem because GNUPGHOME
+	// is no longer included in the sudo env_keep list. For old SDKs,
+	// unset GNUPGHOME so the default ~/.gnupg is used.
+	if err := os.Unsetenv("GNUPGHOME"); err != nil {
+		return err
+	}
+
 	if _, err := os.Stat(origHome); err != nil {
 		// Skip but do not bind mount anything
 		return nil
 	}
 
-	// gpg misbehaves in the sdk with GNUPGHOME set to anything but ~/.gnupg
-	// so always unset it so the default ~/.gnupg is used.
-	if err := os.Unsetenv("GNUPGHOME"); err != nil {
+	// now mount the agent socket directory through
+	newHome := filepath.Join(e.Chroot, e.User.HomeDir, ".gnupg")
+	if err := os.Mkdir(newHome, 0700); err != nil && !os.IsExist(err) {
 		return err
 	}
 
-	// now mount the agent socket directory through
-	newHome := filepath.Join(e.Chroot, e.User.HomeDir, ".gnupg")
 	if err := system.Bind(origHome, newHome); err != nil {
 		return err
 	}