MirkoManojlovic/GnuPG-2.2.md

## GnuPG-2.2.md

      
    Raw
  

              GnuPG-2.2.md
            
          
    GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.20, released on April 1st, 2020. These instructions are built for a headless Centos 7 LTS server (specificaly the offical centos docker image https://hub.docker.com/_/centos).
You use the below install script to install GnuPG 2.2.x by running the following commands:
# if you are root in a docker image:
curl -OL "https://gist.githubusercontent.com/MirkoManojlovic/56f563271eca43c67606b5991f32edd4/raw/1358b87214312e41fd2e28a49a34869a699fb06f/install-gnupg22.sh" && bash ./install-gnupg22.sh
# else if you need to sudo to do the installs:
curl -OL "https://gist.githubusercontent.com/MirkoManojlovic/56f563271eca43c67606b5991f32edd4/raw/1358b87214312e41fd2e28a49a34869a699fb06f/install-gnupg22.sh" && sudo -H bash ./install-gnupg22.sh

  
## install-gnupg22.sh
#!/bin/bash
# ---------
# Script to build and install GnuPG 2.2.x

# Update yum repos and install necessary dependencies
yum update -y && \
yum install bzip2 -y && \
yum install zip -y && \
yum install gcc -y && \
yum install make -y && \

# Installs all required packages to rebuild the gnupg2 package
yum-builddep -y gnupg2

# Create temp dir where all the files will be downloaded
mkdir -p /tmp/gnupg22 && cd /tmp/gnupg22

# Get GPG keys for the gnupg2 maintainers
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9

# Declare all libraries names
LIBGPG_ERROR="libgpg-error-1.37"
LIBGCRYPT="libgcrypt-1.8.5"
LIBASSUAN="libassuan-2.5.3"
LIBKSBA="libksba-1.3.5"
NPTH="npth-1.6"
GNUPG="gnupg-2.2.20"

libraries=($LIBGPG_ERROR $LIBGCRYPT $LIBASSUAN $LIBKSBA $NPTH $GNUPG)

# Download libraries and signatures
for library in "${libraries[@]}";
do
    # Strip the version number from the library
    library_name=$(echo $library | egrep -o '^[a-z]+-?[a-z]+')
    curl https://www.gnupg.org/ftp/gcrypt/$library_name/$library.tar.bz2 -o $library.tar.bz2 && \
    curl https://www.gnupg.org/ftp/gcrypt/$library_name/$library.tar.bz2.sig -o $library.tar.bz2.sig
done

# Verify and untar downloads
for library in "${libraries[@]}";
do
    gpg --verify $library.tar.bz2.sig $library.tar.bz2
    tar xjf $library.tar.bz2
done

# Install everything
for library in "${libraries[@]}";
do
    cd $library && \
    ./configure && \
    make && \
    make install && \
    cd ../
done

# Add path to the new gpg and run ldconfig
echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v

# Without the line below, gpg2 might fail to create / import secret keys !!!
if [ -d ~/.gnugp ]; then rm -ri ~/.gnugp; fi

# Restart gpg-agent
gpgconf --kill gpg-agent

# Source bash_profile
source ~/.bash_profile

# For some reason gpg2 still points to the old version
# To fix this symlink new gpg to the gpg2
# Which gpg should point to /usr/local/bin/gpg
# Which gpg2 points to /usr/bin/gpg2

# Rename old gpg2 in case you need it
mv /usr/bin/gpg2 /usr/bin/gpg2_old

# Symlink new gpg2
ln -s /usr/local/bin/gpg /usr/bin/gpg2

# Remove downloaded files
rm -rf cd /tmp/gnupg22

echo "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
echo "+         Installation complete           +"
echo "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
	#!/bin/bash
	# ---------
	# Script to build and install GnuPG 2.2.x

	# Update yum repos and install necessary dependencies
	yum update -y && \
	yum install bzip2 -y && \
	yum install zip -y && \
	yum install gcc -y && \
	yum install make -y && \

	# Installs all required packages to rebuild the gnupg2 package
	yum-builddep -y gnupg2

	# Create temp dir where all the files will be downloaded
	mkdir -p /tmp/gnupg22 && cd /tmp/gnupg22

	# Get GPG keys for the gnupg2 maintainers
	gpg --list-keys
	gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9

	# Declare all libraries names
	LIBGPG_ERROR="libgpg-error-1.37"
	LIBGCRYPT="libgcrypt-1.8.5"
	LIBASSUAN="libassuan-2.5.3"
	LIBKSBA="libksba-1.3.5"
	NPTH="npth-1.6"
	GNUPG="gnupg-2.2.20"

	libraries=($LIBGPG_ERROR $LIBGCRYPT $LIBASSUAN $LIBKSBA $NPTH $GNUPG)

	# Download libraries and signatures
	for library in "${libraries[@]}";
	do
	# Strip the version number from the library
	library_name=$(echo $library \| egrep -o '^[a-z]+-?[a-z]+')
	curl https://www.gnupg.org/ftp/gcrypt/$library_name/$library.tar.bz2 -o $library.tar.bz2 && \
	curl https://www.gnupg.org/ftp/gcrypt/$library_name/$library.tar.bz2.sig -o $library.tar.bz2.sig
	done

	# Verify and untar downloads
	for library in "${libraries[@]}";
	do
	gpg --verify $library.tar.bz2.sig $library.tar.bz2
	tar xjf $library.tar.bz2
	done

	# Install everything
	for library in "${libraries[@]}";
	do
	cd $library && \
	./configure && \
	make && \
	make install && \
	cd ../
	done

	# Add path to the new gpg and run ldconfig
	echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v

	# Without the line below, gpg2 might fail to create / import secret keys !!!
	if [ -d ~/.gnugp ]; then rm -ri ~/.gnugp; fi

	# Restart gpg-agent
	gpgconf --kill gpg-agent

	# Source bash_profile
	source ~/.bash_profile

	# For some reason gpg2 still points to the old version
	# To fix this symlink new gpg to the gpg2
	# Which gpg should point to /usr/local/bin/gpg
	# Which gpg2 points to /usr/bin/gpg2

	# Rename old gpg2 in case you need it
	mv /usr/bin/gpg2 /usr/bin/gpg2_old

	# Symlink new gpg2
	ln -s /usr/local/bin/gpg /usr/bin/gpg2

	# Remove downloaded files
	rm -rf cd /tmp/gnupg22

	echo "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
	echo "+ Installation complete +"
	echo "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"