GnuPG homedir and package.el?

GnuPG homedir and package.el?

[Jens Lechtenboerger]

[-- Attachment #1: Type: text/plain, Size: 359 bytes --]

Hi there,

is there a reason that package.el sets up its own GnuPG homedir (in
package-import-keyring and package--check-signature-content)?

That choice does not work with Qubes OS and Split GPG [0].

Attached is a patch introducing a new user option to use the
default GnuPG home.

Best wishes
Jens

[0] https://github.com/QubesOS/qubes-issues/issues/2660


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: package.diff --]
[-- Type: text/x-diff, Size: 2467 bytes --]

commit 28105308487b231e57770c1af0c5989ba6d6b66c
Author: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date:   Sat Mar 4 17:17:52 2017 +0100

    Introduce customizable variable package-use-separate-gnupghome
    
    * lisp/emacs-lisp/package.el (package-import-keyring)
      (package--check-signature-content): Use new variable
      package-use-separate-gnupghome to decide whether to use separate
      GnuPG homedir or default one.

diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 8d5fac9..f212028 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -305,6 +305,17 @@ package-directory-list
 (declare-function epg-find-configuration "epg-config"
                   (protocol &optional no-cache program-alist))
 
+(defcustom package-use-separate-gnupghome t
+  "Whether to use default GnuPG homedir or create a separate one.
+If t (the default), package creates a separate directory to store
+ELPA signing keys.  That directory is then used as GnuPG homedir
+when verifying signatures on packages.
+If you want to keep all public keys in one place, including the
+ELPA signing key, set to nil."
+  :type 'boolean
+  :risky t
+  :version "26.0.50.2")
+
 (defcustom package-check-signature
   (if (and (require 'epg-config)
            (epg-find-configuration 'OpenPGP))
@@ -1209,7 +1220,8 @@ package--check-signature-content
 errors."
   (let* ((context (epg-make-context 'OpenPGP))
          (homedir (expand-file-name "gnupg" package-user-dir)))
-    (setf (epg-context-home-directory context) homedir)
+    (when package-use-separate-gnupghome
+      (setf (epg-context-home-directory context) homedir))
     (condition-case error
         (epg-verify-string context content string)
       (error (package--display-verify-error context sig-file)
@@ -1478,9 +1490,10 @@ package-import-keyring
   (setq file (expand-file-name file))
   (let ((context (epg-make-context 'OpenPGP))
         (homedir (expand-file-name "gnupg" package-user-dir)))
-    (with-file-modes 448
-      (make-directory homedir t))
-    (setf (epg-context-home-directory context) homedir)
+    (when package-use-separate-gnupghome
+      (with-file-modes 448
+        (make-directory homedir t))
+      (setf (epg-context-home-directory context) homedir))
     (message "Importing %s..." (file-name-nondirectory file))
     (epg-import-keys-from-file context file)
     (message "Importing %s...done" (file-name-nondirectory file))))

Re: GnuPG homedir and package.el?

[Ted Zlatanov]

On Sat, 04 Mar 2017 17:41:54 +0100 Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> wrote: 

JL> is there a reason that package.el sets up its own GnuPG homedir (in
JL> package-import-keyring and package--check-signature-content)?

Isolation? That way package management, where typically the user's
personal setup doesn't matter, doesn't overlap with personal GnuPG usage.

JL> Attached is a patch introducing a new user option to use the
JL> default GnuPG home.

JL> +(defcustom package-use-separate-gnupghome t

Maybe this could also be a specific directory the user chooses, so it
could be a choice of nil, t, or 'string.

Ted

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

[-- Attachment #1: Type: text/plain, Size: 816 bytes --]

On 2017-03-14, at 15:37, Ted Zlatanov wrote:

> On Sat, 04 Mar 2017 17:41:54 +0100 Jens Lechtenboerger
> <jens.lechtenboerger@fsfe.org> wrote:
>
> JL> is there a reason that package.el sets up its own GnuPG homedir (in
> JL> package-import-keyring and package--check-signature-content)?
>
> Isolation? That way package management, where typically the user's
> personal setup doesn't matter, doesn't overlap with personal GnuPG usage.

Signature verification seems personal to me.

> JL> Attached is a patch introducing a new user option to use the
> JL> default GnuPG home.
>
> JL> +(defcustom package-use-separate-gnupghome t
>
> Maybe this could also be a specific directory the user chooses, so it
> could be a choice of nil, t, or 'string.

You are right.  I changed that to be a directory or nil.

Thanks
Jens


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Introduce-customizable-variable-package-gnupghome-di.patch --]
[-- Type: text/x-diff, Size: 3277 bytes --]

From 4c76844e067ccf029c57189058d161831ca25ac7 Mon Sep 17 00:00:00 2001
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date: Sat, 18 Mar 2017 12:17:02 +0100
Subject: [PATCH] Introduce customizable variable package-gnupghome-dir

* lisp/emacs-lisp/package.el (package-import-keyring,
  package--check-signature-content, package-check-signature):
  Use new variable package-gnupghome-dir to control which GnuPG homedir
  to use.
---
 lisp/emacs-lisp/package.el | 28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 8d5fac9..a809e39 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -305,6 +305,16 @@ package-directory-list
 (declare-function epg-find-configuration "epg-config"
                   (protocol &optional no-cache program-alist))
 
+(defcustom package-gnupghome-dir (expand-file-name "gnupg" package-user-dir)
+  "Directory containing GnuPG keyring or nil.
+This variable specifies the GnuPG home directory used by package.
+That directory is passed via the option \"--homedir\" to GnuPG.
+If nil, do not use the option \"--homedir\", but stick with GnuPG's
+default directory."
+  :type 'directory
+  :risky t
+  :version "26.0.50.2")
+
 (defcustom package-check-signature
   (if (and (require 'epg-config)
            (epg-find-configuration 'OpenPGP))
@@ -1207,9 +1217,9 @@ package--check-signature-content
   "Check signature CONTENT against STRING.
 SIG-FILE is the name of the signature file, used when signaling
 errors."
-  (let* ((context (epg-make-context 'OpenPGP))
-         (homedir (expand-file-name "gnupg" package-user-dir)))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (condition-case error
         (epg-verify-string context content string)
       (error (package--display-verify-error context sig-file)
@@ -1236,7 +1246,7 @@ package--check-signature
   "Check signature of the current buffer.
 Download the signature file from LOCATION by appending \".sig\"
 to FILE.
-GnuPG keyring is located under \"gnupg\" in `package-user-dir'.
+GnuPG keyring location depends on `package-gnupghome-dir'.
 STRING is the string to verify, it defaults to `buffer-string'.
 If ASYNC is non-nil, the download of the signature file is
 done asynchronously.
@@ -1476,11 +1486,11 @@ package-import-keyring
   "Import keys from FILE."
   (interactive "fFile: ")
   (setq file (expand-file-name file))
-  (let ((context (epg-make-context 'OpenPGP))
-        (homedir (expand-file-name "gnupg" package-user-dir)))
-    (with-file-modes 448
-      (make-directory homedir t))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (with-file-modes 448
+        (make-directory package-gnupghome-dir t))
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (message "Importing %s..." (file-name-nondirectory file))
     (epg-import-keys-from-file context file)
     (message "Importing %s...done" (file-name-nondirectory file))))
-- 
2.7.4

Re: GnuPG homedir and package.el?

[Ted Zlatanov]

On Sat, 18 Mar 2017 12:26:13 +0100 Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> wrote: 

JL> On 2017-03-14, at 15:37, Ted Zlatanov wrote:
>> On Sat, 04 Mar 2017 17:41:54 +0100 Jens Lechtenboerger
>> <jens.lechtenboerger@fsfe.org> wrote:
>> 
JL> is there a reason that package.el sets up its own GnuPG homedir (in
JL> package-import-keyring and package--check-signature-content)?
>> 
>> Isolation? That way package management, where typically the user's
>> personal setup doesn't matter, doesn't overlap with personal GnuPG usage.

JL> Signature verification seems personal to me.

The isolation serves a purpose. I think the default behavior is better
for ease of use out of the box: it's less likely to break if a user
tinkers with their personal GnuPG setup.

The defcustom you introduced is the missing piece for more
advanced users, so I think that resolves the issue for everyone. I hope
you agree.

Ted

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-03-20, at 09:37, Ted Zlatanov wrote:

> The defcustom you introduced is the missing piece for more
> advanced users, so I think that resolves the issue for everyone. I hope
> you agree.

I agree that this resolves the issue.

Best wishes
Jens

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-03-20, at 18:43, Jens Lechtenboerger wrote:

> On 2017-03-20, at 09:37, Ted Zlatanov wrote:
>
>> The defcustom you introduced is the missing piece for more
>> advanced users, so I think that resolves the issue for everyone. I hope
>> you agree.
>
> I agree that this resolves the issue.

As there doesn't seem to be any objection, could somebody please
apply the patch?

Many thanks
Jens

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-03-26, at 09:41, Jens Lechtenboerger wrote:

> On 2017-03-20, at 18:43, Jens Lechtenboerger wrote:
>
>> On 2017-03-20, at 09:37, Ted Zlatanov wrote:
>>
>>> The defcustom you introduced is the missing piece for more
>>> advanced users, so I think that resolves the issue for everyone. I hope
>>> you agree.
>>
>> I agree that this resolves the issue.
>
> As there doesn't seem to be any objection, could somebody please
> apply the patch?

I just created an account on savannah and requested inclusion for
emacs.

How do people go about changing etc/NEWS and manual pages?
Should the small changes required in this case be discussed here?
Those changes of documentation are sometimes introduced as separate
commits, sometimes combined with the code change.  What is
preferred? 

Best wishes
Jens

Re: GnuPG homedir and package.el?

[Eli Zaretskii]

> From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
> Date: Sat, 01 Apr 2017 16:01:18 +0200
> 
> How do people go about changing etc/NEWS and manual pages?
> Should the small changes required in this case be discussed here?

They should be mentioned in NEWS, definitely.

As for the manual (I guess you meant the user manual), it depends on
whether you think the added option is important for users to know
about.  (Btw, your ':version' rag is incorrect, it should be "26.1".)

> Those changes of documentation are sometimes introduced as separate
> commits, sometimes combined with the code change.  What is
> preferred? 

My personal preference is for all the related changes to be in a
single changeset and a single commit.

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-04-01, at 17:22, Eli Zaretskii wrote:

> As for the manual (I guess you meant the user manual), it depends on
> whether you think the added option is important for users to know
> about.

Yes, I meant the user manual, which mentions the hard-coded GnuPG
homedir location.

> (Btw, your ':version' rag is incorrect, it should be "26.1".)

How do I identify the correct number?

Thanks
Jens

Re: GnuPG homedir and package.el?

[Eli Zaretskii]

> From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
> Cc: emacs-devel@gnu.org
> Date: Sat, 01 Apr 2017 17:01:08 +0200
> 
> > (Btw, your ':version' rag is incorrect, it should be "26.1".)
> 
> How do I identify the correct number?

It's the next official version to be released.  If the current version
on the branch is XX.YY.nn, the tag should be for XX.YY+1.

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

[-- Attachment #1: Type: text/plain, Size: 375 bytes --]

On 2017-04-01, at 17:22, Eli Zaretskii wrote:

> They should be mentioned in NEWS, definitely.
>
> As for the manual (I guess you meant the user manual), it depends on
> whether you think the added option is important for users to know
> about.  (Btw, your ':version' rag is incorrect, it should be "26.1".)

The attached patch contains the above changes.

Best wishes
Jens


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Introduce-customizable-variable-package-gnupghome-di.patch --]
[-- Type: text/x-diff, Size: 4670 bytes --]

From e7997d0e3bac084bbc1097ec7a3186146f77127d Mon Sep 17 00:00:00 2001
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date: Sat, 1 Apr 2017 17:57:54 +0200
Subject: [PATCH] Introduce customizable variable package-gnupghome-dir

* lisp/emacs-lisp/package.el (package-import-keyring,
  package--check-signature-content, package-check-signature):
  Use new variable package-gnupghome-dir to control which GnuPG homedir
  to use.
* doc/emacs/package.texi: Mention this.
* etc/NEWS: Mention this.
---
 doc/emacs/package.texi     |  5 +++--
 etc/NEWS                   |  7 +++++++
 lisp/emacs-lisp/package.el | 28 +++++++++++++++++++---------
 3 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/doc/emacs/package.texi b/doc/emacs/package.texi
index d6f88aa..de8f4d2 100644
--- a/doc/emacs/package.texi
+++ b/doc/emacs/package.texi
@@ -200,8 +200,9 @@ Package Installation
 on how you can obtain their public key.  One way is to download the
 key from a server such as @url{http://pgp.mit.edu/}.
 Use @kbd{M-x package-import-keyring} to import the key into Emacs.
-Emacs stores package keys in the @file{gnupg} subdirectory
-of @code{package-user-dir}.
+Emacs stores package keys in the directory specified by the variable
+@code{package-gnupghome-dir}, by default in the @file{gnupg}
+subdirectory of @code{package-user-dir}.
 The public key for the GNU package archive is distributed with Emacs,
 in the @file{etc/package-keyring.gpg}.  Emacs uses it automatically.
 
diff --git a/etc/NEWS b/etc/NEWS
index bfd7d2b..2bc3e18 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -629,6 +629,13 @@ In 'visual-line-mode' it will look for the true beginning of a header
 while in non-'visual-line-mode' it will move the point to the indented
 header's value.
 
+** Package
+
++++
+*** The new variable 'package-gnupghome-dir' has been added to control
+where the GnuPG home directory (used for signature verification) is
+located.
+
 ** Tramp
 
 +++
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 8d5fac9..12635b3 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -305,6 +305,16 @@ package-directory-list
 (declare-function epg-find-configuration "epg-config"
                   (protocol &optional no-cache program-alist))
 
+(defcustom package-gnupghome-dir (expand-file-name "gnupg" package-user-dir)
+  "Directory containing GnuPG keyring or nil.
+This variable specifies the GnuPG home directory used by package.
+That directory is passed via the option \"--homedir\" to GnuPG.
+If nil, do not use the option \"--homedir\", but stick with GnuPG's
+default directory."
+  :type 'directory
+  :risky t
+  :version "26.1")
+
 (defcustom package-check-signature
   (if (and (require 'epg-config)
            (epg-find-configuration 'OpenPGP))
@@ -1207,9 +1217,9 @@ package--check-signature-content
   "Check signature CONTENT against STRING.
 SIG-FILE is the name of the signature file, used when signaling
 errors."
-  (let* ((context (epg-make-context 'OpenPGP))
-         (homedir (expand-file-name "gnupg" package-user-dir)))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (condition-case error
         (epg-verify-string context content string)
       (error (package--display-verify-error context sig-file)
@@ -1236,7 +1246,7 @@ package--check-signature
   "Check signature of the current buffer.
 Download the signature file from LOCATION by appending \".sig\"
 to FILE.
-GnuPG keyring is located under \"gnupg\" in `package-user-dir'.
+GnuPG keyring location depends on `package-gnupghome-dir'.
 STRING is the string to verify, it defaults to `buffer-string'.
 If ASYNC is non-nil, the download of the signature file is
 done asynchronously.
@@ -1476,11 +1486,11 @@ package-import-keyring
   "Import keys from FILE."
   (interactive "fFile: ")
   (setq file (expand-file-name file))
-  (let ((context (epg-make-context 'OpenPGP))
-        (homedir (expand-file-name "gnupg" package-user-dir)))
-    (with-file-modes 448
-      (make-directory homedir t))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (with-file-modes 448
+        (make-directory package-gnupghome-dir t))
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (message "Importing %s..." (file-name-nondirectory file))
     (epg-import-keys-from-file context file)
     (message "Importing %s...done" (file-name-nondirectory file))))
-- 
2.7.4

Re: GnuPG homedir and package.el?

[Eli Zaretskii]

> From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
> Cc: emacs-devel@gnu.org
> Date: Sat, 01 Apr 2017 18:08:20 +0200
> 
> On 2017-04-01, at 17:22, Eli Zaretskii wrote:
> 
> > They should be mentioned in NEWS, definitely.
> >
> > As for the manual (I guess you meant the user manual), it depends on
> > whether you think the added option is important for users to know
> > about.  (Btw, your ':version' rag is incorrect, it should be "26.1".)
> 
> The attached patch contains the above changes.

Thanks.  I will push in a few days if there are no further comments.

Re: GnuPG homedir and package.el?

[Ted Zlatanov]

On Sat, 01 Apr 2017 18:08:20 +0200 Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> wrote: 

JL> +(defcustom package-gnupghome-dir (expand-file-name "gnupg" package-user-dir)
JL> +  "Directory containing GnuPG keyring or nil.
JL> +This variable specifies the GnuPG home directory used by package.
JL> +That directory is passed via the option \"--homedir\" to GnuPG.
JL> +If nil, do not use the option \"--homedir\", but stick with GnuPG's
JL> +default directory."
JL> +  :type 'directory
JL> +  :risky t
JL> +  :version "26.1")

This looks great, and thanks for working on it.

I was wondering if you could provide explicit options to this variable
with :tag descriptions, so users customizing this variable have a nice
interface? Something like (the middle one is very untested):

    :type `(choice (const :tag "Default GnuPG directory in user's home directory" nil)
                   (const :tag "The default Emacs package management GnuPG home directory" ,(expand-file-name "gnupg" package-user-dir))
                   (directory :tag "A specific GnuPG --homedir")

Thanks!
Ted

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

[-- Attachment #1: Type: text/plain, Size: 754 bytes --]

On 2017-04-04, at 11:04, Ted Zlatanov wrote:

> I was wondering if you could provide explicit options to this variable
> with :tag descriptions, so users customizing this variable have a nice
> interface? Something like (the middle one is very untested):

That's added now.  I don't know whether there are conventions for
this, but I changed the order to have the default appear first.
I also changed the wording a bit to show my original motivation for
this patch, omit --homedir.  

What I personally don't like about this tag usage is that the
customize buffer does not show the variable's real value any longer.
Is that a bug or a feature?

Besides, I changed NEWS to mention --homedir and extended the
explanation for the manual.

Best wishes
Jens


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Introduce-customizable-variable-package-gnupghome-di.patch --]
[-- Type: text/x-diff, Size: 5890 bytes --]

From c20f785330992c3dedd587d3e016e6d246c958a0 Mon Sep 17 00:00:00 2001
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date: Wed, 5 Apr 2017 12:19:08 +0200
Subject: [PATCH] Introduce customizable variable package-gnupghome-dir

* lisp/emacs-lisp/package.el (package-import-keyring,
  package--check-signature-content, package-check-signature):
  Use new variable package-gnupghome-dir to control which GnuPG homedir
  to use.
* doc/emacs/package.texi: Mention this.
* etc/NEWS: Mention this.
---
 doc/emacs/package.texi     | 13 ++++++++++---
 etc/NEWS                   |  7 +++++++
 lisp/emacs-lisp/package.el | 35 ++++++++++++++++++++++++++---------
 3 files changed, 43 insertions(+), 12 deletions(-)

diff --git a/doc/emacs/package.texi b/doc/emacs/package.texi
index d6f88aa..7f08000 100644
--- a/doc/emacs/package.texi
+++ b/doc/emacs/package.texi
@@ -194,14 +194,21 @@ Package Installation
 private/public pair of cryptographic keys, and use the private key to
 create a @dfn{signature file} for each package.  With the public key, you
 can use the signature files to verify who created the package, and
-that it has not been modified.  A valid signature is not a cast-iron
+that it has not been modified.  For signature verification,
+@uref{https://www.gnupg.org/, GnuPG} is used via the interface EasyPG,
+@pxref{Top,, EasyPG, epa, Emacs EasyPG Assistant Manual}.
+A valid signature is not a cast-iron
 guarantee that a package is not malicious, so you should still
 exercise caution.  Package archives should provide instructions
 on how you can obtain their public key.  One way is to download the
 key from a server such as @url{http://pgp.mit.edu/}.
 Use @kbd{M-x package-import-keyring} to import the key into Emacs.
-Emacs stores package keys in the @file{gnupg} subdirectory
-of @code{package-user-dir}.
+Emacs stores package keys in the directory specified by the variable
+@code{package-gnupghome-dir}, by default in the @file{gnupg}
+subdirectory of @code{package-user-dir}, which causes Emacs to invoke
+GnuPG with the option @samp{--homedir} when verifying signatures.
+If @code{package-gnupghome-dir} is @code{nil}, GnuPG's option
+@samp{--homedir} is omitted.
 The public key for the GNU package archive is distributed with Emacs,
 in the @file{etc/package-keyring.gpg}.  Emacs uses it automatically.
 
diff --git a/etc/NEWS b/etc/NEWS
index 8b17f16..25276e4 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -629,6 +629,13 @@ In 'visual-line-mode' it will look for the true beginning of a header
 while in non-'visual-line-mode' it will move the point to the indented
 header's value.
 
+** Package
+
++++
+*** The new variable 'package-gnupghome-dir' has been added to control
+where the GnuPG home directory (used for signature verification) is
+located and whether GnuPG's option "--homedir" is used or not.
+
 ** Tramp
 
 +++
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 7698562..bef1e8d 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -307,6 +307,23 @@ package-directory-list
 (declare-function epg-find-configuration "epg-config"
                   (protocol &optional no-cache program-alist))
 
+(defcustom package-gnupghome-dir (expand-file-name "gnupg" package-user-dir)
+  "Directory containing GnuPG keyring or nil.
+This variable specifies the GnuPG home directory used by package.
+That directory is passed via the option \"--homedir\" to GnuPG.
+If nil, do not use the option \"--homedir\", but stick with GnuPG's
+default directory."
+  :type `(choice
+          (const
+           :tag "Default Emacs package management GnuPG home directory"
+           ,(expand-file-name "gnupg" package-user-dir))
+          (const
+           :tag "Default GnuPG directory (GnuPG option --homedir not used)"
+           nil)
+          (directory :tag "A specific GnuPG --homedir"))
+  :risky t
+  :version "26.1")
+
 (defcustom package-check-signature
   (if (and (require 'epg-config)
            (epg-find-configuration 'OpenPGP))
@@ -1209,9 +1226,9 @@ package--check-signature-content
   "Check signature CONTENT against STRING.
 SIG-FILE is the name of the signature file, used when signaling
 errors."
-  (let* ((context (epg-make-context 'OpenPGP))
-         (homedir (expand-file-name "gnupg" package-user-dir)))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (condition-case error
         (epg-verify-string context content string)
       (error (package--display-verify-error context sig-file)
@@ -1238,7 +1255,7 @@ package--check-signature
   "Check signature of the current buffer.
 Download the signature file from LOCATION by appending \".sig\"
 to FILE.
-GnuPG keyring is located under \"gnupg\" in `package-user-dir'.
+GnuPG keyring location depends on `package-gnupghome-dir'.
 STRING is the string to verify, it defaults to `buffer-string'.
 If ASYNC is non-nil, the download of the signature file is
 done asynchronously.
@@ -1478,11 +1495,11 @@ package-import-keyring
   "Import keys from FILE."
   (interactive "fFile: ")
   (setq file (expand-file-name file))
-  (let ((context (epg-make-context 'OpenPGP))
-        (homedir (expand-file-name "gnupg" package-user-dir)))
-    (with-file-modes 448
-      (make-directory homedir t))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (with-file-modes 448
+        (make-directory package-gnupghome-dir t))
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (message "Importing %s..." (file-name-nondirectory file))
     (epg-import-keys-from-file context file)
     (message "Importing %s...done" (file-name-nondirectory file))))
-- 
2.7.4

Re: GnuPG homedir and package.el?

[Ted Zlatanov]

On Wed, 05 Apr 2017 12:21:22 +0200 Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> wrote: 

JL> On 2017-04-04, at 11:04, Ted Zlatanov wrote:
>> I was wondering if you could provide explicit options to this variable
>> with :tag descriptions, so users customizing this variable have a nice
>> interface? Something like (the middle one is very untested):

JL> That's added now.  I don't know whether there are conventions for
JL> this, but I changed the order to have the default appear first.
JL> I also changed the wording a bit to show my original motivation for
JL> this patch, omit --homedir.

That's great, thank you. I don't know any conventions for the order either.

JL> What I personally don't like about this tag usage is that the
JL> customize buffer does not show the variable's real value any longer.
JL> Is that a bug or a feature?

I think it's a feature. The typical user doesn't care about
`(expand-file-name "gnupg" package-user-dir)', they just want the
"Default Emacs package management GnuPG home directory" wherever that
lives.

Ted

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-04-05, at 09:31, Ted Zlatanov wrote:

> On Wed, 05 Apr 2017 12:21:22 +0200 Jens Lechtenboerger

> JL> What I personally don't like about this tag usage is that the
> JL> customize buffer does not show the variable's real value any longer.
> JL> Is that a bug or a feature?
>
> I think it's a feature. The typical user doesn't care about
> `(expand-file-name "gnupg" package-user-dir)',

I agree that this piece of code is not very helpful.  However, its
result might be (which was shown without tags).

> they just want the "Default Emacs package management GnuPG home
> directory" wherever that lives.

I'm not sure about that, but I'm not user of the customize interface
anyways.

Best wishes
Jens

Re: GnuPG homedir and package.el?

[Eli Zaretskii]

> From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
> Date: Wed, 05 Apr 2017 12:21:22 +0200
> 
> On 2017-04-04, at 11:04, Ted Zlatanov wrote:
> 
> > I was wondering if you could provide explicit options to this variable
> > with :tag descriptions, so users customizing this variable have a nice
> > interface? Something like (the middle one is very untested):
> 
> That's added now.  I don't know whether there are conventions for
> this, but I changed the order to have the default appear first.
> I also changed the wording a bit to show my original motivation for
> this patch, omit --homedir.  
> 
> What I personally don't like about this tag usage is that the
> customize buffer does not show the variable's real value any longer.
> Is that a bug or a feature?
> 
> Besides, I changed NEWS to mention --homedir and extended the
> explanation for the manual.

Thanks, I pushed this to the master branch.

Please note a few minor changes I made in the manual text (to avoid
passive tense as much as possible) and also in the formatting of the
log message.

Re: GnuPG homedir and package.el?

[Jens Lechtenboerger]

On 2017-04-11, at 12:30, Eli Zaretskii wrote:

> Please note a few minor changes I made in the manual text (to avoid
> passive tense as much as possible) and also in the formatting of the
> log message.

Many thanks
Jens