From 466a27230feb7c9d2cbf95f9802ebf95133d84f60d9a80328117148974954b35 Mon Sep 17 00:00:00 2001
From: "Marc S. Weidner" <msw@coresecret.dev>
Date: Fri, 7 Nov 2025 19:42:53 +0100
Subject: [PATCH] V8.13.392.2025.11.07

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
---
 lib/lib_gnupg.sh | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/lib/lib_gnupg.sh b/lib/lib_gnupg.sh
index 39c5719..18d5532 100644
--- a/lib/lib_gnupg.sh
+++ b/lib/lib_gnupg.sh
@@ -56,12 +56,10 @@ allow-loopback-pinentry
 pinentry-program /usr/bin/pinentry-tty
 EOF
 
-      gpgconf --kill gpg-agent   2>&1 || true
-      gpgconf --create-socketdir 2>&1 || true
-
       if ! gpgconf --launch gpg-agent >| /tmp/cdlb_gpg-agent.log 2>&1; then
 
         printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ Failed to launch gpg-agent. \e[0m\n"
+        return "${ERR_GPG__AGENT}"
 
       fi
 
@@ -89,7 +87,6 @@ EOF
     if ! gpg --batch --yes --pinentry-mode=loopback --passphrase-file "${VAR_SIGNING_KEY_PASSFILE}" --import "${VAR_TMP_SECRET}/${VAR_SIGNING_KEY}"; then
 
       printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ Failed to import signing key. \e[0m\n"
-      umask "${__umask}"
       return "${ERR_GPG__AGENT}"
 
     fi
@@ -97,6 +94,8 @@ EOF
     shred -fzu -n 5 -- "${VAR_TMP_SECRET}/${VAR_SIGNING_KEY}"
 
     ### Export public key for verification inside ISO / chroot.
+    install -d -m 0755 -o root -g root "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys"
+    install -d -m 0755 -o root -g root "${VAR_HANDLER_BUILD_DIR}/config/includes.binary"
     gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys/${VAR_SIGNING_KEY_FPR}_public.gpg"
     gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.binary/0030-verify-checksums_public.gpg"