builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).

All of the GPG commands we run are compatible with either v1 or v2, so
this simply involves looking for either gpg2 or gpg binaries at
runtime.

builder/builder.ml

@@ -148,12 +148,10 @@ let main () =
   (* Check that gpg is installed.  Optional as long as the user
    * disables all signature checks.
    *)
-  let cmd = sprintf "%s --help >/dev/null 2>&1" cmdline.gpg in
-  if shell_command cmd <> 0 then (
-    if cmdline.check_signature then
-      error (f_"gpg is not installed (or does not work)\nYou should install gpg, or use --gpg option, or use --no-check-signature.")
-    else if verbose () then
-      warning (f_"gpg program is not available")
+  if cmdline.check_signature then (
+    let cmd = sprintf "%s --help >/dev/null 2>&1" cmdline.gpg in
+    if cmdline.gpg = "" || shell_command cmd <> 0 then
+      error (f_"no GNU Privacy Guard (GnuPG, gpg) binary was found.\n\nEither gpg v1 or v2 can be installed to check signatures.  Virt-builder looks for a binary called either ‘gpg2’ or ‘gpg‘ on the $PATH.  You can also specify a binary using the ‘--gpg’ option.  If you don't want to check signatures, use ’--no-check-signature’ but note that this may make you vulnerable to Man-In-The-Middle attacks.")
   );
 
   (* Check that curl works. *)

builder/cmdline.ml

@@ -87,7 +87,13 @@ let parse_cmdline () =
   let add_fingerprint arg = push_front arg fingerprints in
 
   let format = ref "" in
-  let gpg = ref "gpg" in
+  let gpg =
+    try which "gpg2"
+    with Executable_not_found _ ->
+         try which "gpg"
+         with Executable_not_found _ ->
+              "" in
+  let gpg = ref gpg in
 
   let list_format = ref List_entries.Short in
   let list_set_long () = list_format := List_entries.Long in

builder/virt-builder.pod

@@ -314,8 +314,10 @@ F</boot> directory of a guest, see L<virt-copy-out(1)>.
 
 =item B<--gpg> GPG
 
-Specify an alternate L<gpg(1)> (GNU Privacy Guard) binary.  You can
-also use this to add gpg parameters, for example to specify an
+Specify an alternate L<gpg(1)> (GNU Privacy Guard) binary.  By default
+virt-builder looks for either C<gpg2> or C<gpg> in the C<$PATH>.
+
+You can also use this to add gpg parameters, for example to specify an
 alternate home directory:
 
  virt-builder --gpg "gpg --homedir /tmp" [...]
@@ -1880,6 +1882,7 @@ L<virt-resize(1)>,
 L<virt-sysprep(1)>,
 L<oz-install(1)>,
 L<gpg(1)>,
+L<gpg2(1)>,
 L<curl(1)>,
 L<virt-make-fs(1)>,
 L<genisoimage(1)>,

docs/guestfs-building.pod

@@ -280,7 +280,7 @@ Optional.  For the L<UML backend|guestfs(3)/BACKEND>.
 
 Optional.  Used by virt-builder for downloads.
 
-=item gpg
+=item GNU Privacy Guard (GnuPG, gpg) v1 or v2
 
 Optional.  Used by virt-builder for checking digital signatures.