sm: Move qualified.txt from datadir into sysconfdir

* doc/Makefile.am: Move qualified.txt into examples. * doc/qualified.txt: Move into examples, remove trailing spaces. * doc/examples/README: Document qualified.txt. * doc/gpgsm.texi: Move qualified.txt from datadir into sysconfdir. * sm/qualified.c (read_list): Move qualified.txt from datadir into sysconfdir. -- The qualified.txt is maintained by Administrator it is a configuration file. In the past it was a hybrid, provided by package and controlled by the Administrator, however, it is no longer maintained by package. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
2017-09-01 22:19:26 +03:00 · 2017-09-01 22:19:26 +03:00 · 384a3748d9
parent 926d07c5fa
commit 384a3748d9
5 changed files with 14 additions and 18 deletions
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@ -22,7 +22,7 @@ AM_CPPFLAGS =
 include $(top_srcdir)/am/cmacros.am

 examples = examples/README examples/scd-event examples/trustlist.txt	\
-	   examples/vsnfd.prf examples/debug.prf                        \
+	   examples/vsnfd.prf examples/debug.prf examples/qualified.txt \
 	   examples/systemd-user/README 				\
 	   examples/systemd-user/dirmngr.service 			\
 	   examples/systemd-user/dirmngr.socket				\
@ -43,7 +43,7 @@ helpfiles = help.txt help.be.txt help.ca.txt help.cs.txt		\

 profiles =

-EXTRA_DIST = samplekeys.asc mksamplekeys com-certs.pem qualified.txt \
+EXTRA_DIST = samplekeys.asc mksamplekeys com-certs.pem \
 	     gnupg-logo.eps gnupg-logo.pdf gnupg-logo.png gnupg-logo-tr.png \
 	     gnupg-module-overview.png gnupg-module-overview.pdf \
             gnupg-card-architecture.png gnupg-card-architecture.pdf \
--- a/doc/examples/README
+++ b/doc/examples/README
@ -9,3 +9,5 @@ trustlist.txt   A list of trustworthy root certificates
 gpgconf.conf    A sample configuration file for gpgconf.

 systemd-user    Sample files for a Linux-only init system.
+
+qualified.txt   Sample file for qualified.txt.
--- a/doc/examples/qualified.txt
+++ b/doc/examples/qualified.txt
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@ -843,15 +843,9 @@ purposes.

 Note that even if a certificate is listed in this file, this does not
 mean that the certificate is trusted; in general the certificates listed
-in this file need to be listed also in @file{trustlist.txt}.
-
-This is a global file an installed in the data directory
-(e.g. @file{@value{DATADIR}/qualified.txt}).  GnuPG installs a suitable
-file with root certificates as used in Germany.  As new Root-CA
-certificates may be issued over time, these entries may need to be
-updated; new distributions of this software should come with an updated
-list but it is still the responsibility of the Administrator to check
-that this list is correct.
+in this file need to be listed also in @file{trustlist.txt}. This is a global
+file an installed in the sysconf directory (e.g.
+@file{@value{SYSCONFDIR}/qualified.txt}).

 Every time @command{gpgsm} uses a certificate for signing or verification
 this file will be consulted to check whether the certificate under
--- a/sm/qualified.c
+++ b/sm/qualified.c
@ -58,7 +58,7 @@ read_list (char *key, char *country, int *lnr)

  if (!listname)
    {
-      listname = make_filename (gnupg_datadir (), "qualified.txt", NULL);
+      listname = make_filename (gnupg_sysconfdir (), "qualified.txt", NULL);
      listfp = fopen (listname, "r");
      if (!listfp && errno != ENOENT)
        {