null+****@clear*****
null+****@clear*****
2012年 4月 29日 (日) 09:18:39 JST
Kouhei Sutou 2012-04-29 09:18:39 +0900 (Sun, 29 Apr 2012)
New Revision: 4cf0435fc649dd5185288d1569bb7d6d0e4a8749
Log:
set GPG sign key in configure
Added files:
gpg_uid
Removed files:
packages/yum/gpg-public-key.sh
packages/yum/gpg-uid.sh
Modified files:
Makefile.am
configure.ac
packages/yum/Makefile.am
packages/yum/sign-rpm.sh
Modified: Makefile.am (+1 -0)
===================================================================
--- Makefile.am 2012-04-29 09:13:14 +0900 (3e22231)
+++ Makefile.am 2012-04-29 09:18:39 +0900 (16abac2)
@@ -45,6 +45,7 @@ SUBDIRS = \
EXTRA_DIST = \
AUTHORS \
+ gpg_uid \
plug.in \
CMakeLists.txt
Modified: configure.ac (+3 -0)
===================================================================
--- configure.ac 2012-04-29 09:13:14 +0900 (383ee56)
+++ configure.ac 2012-04-29 09:18:39 +0900 (dc844de)
@@ -262,6 +262,9 @@ AC_ARG_WITH(rsync-path,
[RSYNC_PATH=""])
AC_SUBST(RSYNC_PATH)
+GPG_UID=m4_include(gpg_uid)
+AC_SUBST(GPG_UID)
+
# Document
AC_MSG_CHECKING([whether enable document])
AC_ARG_ENABLE(document,
Added: gpg_uid (+1 -0) 100644
===================================================================
--- /dev/null
+++ gpg_uid 2012-04-29 09:18:39 +0900 (7c1a800)
@@ -0,0 +1 @@
+45499429
Modified: packages/yum/Makefile.am (+1 -1)
===================================================================
--- packages/yum/Makefile.am 2012-04-29 09:13:14 +0900 (583bb56)
+++ packages/yum/Makefile.am 2012-04-29 09:18:39 +0900 (d641316)
@@ -27,7 +27,7 @@ download: ensure-rsync-path
done
sign:
- ./sign-rpm.sh '$(DISTRIBUTIONS)'
+ ./sign-rpm.sh '$(GPG_UID)' '$(DISTRIBUTIONS)'
update:
./update-repository.sh '$(DISTRIBUTIONS)'
Deleted: packages/yum/gpg-public-key.sh (+0 -5) 100755
===================================================================
--- packages/yum/gpg-public-key.sh 2012-04-29 09:13:14 +0900 (f21020f)
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-script_base_dir=`dirname $0`
-
-gpg -a --export `$script_base_dir/gpg-uid.sh`
Deleted: packages/yum/gpg-uid.sh (+0 -5) 100755
===================================================================
--- packages/yum/gpg-uid.sh 2012-04-29 09:13:14 +0900 (46c1781)
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-# gpg --list-secret-keys | grep uid | sed -e 's/^uid *//' | tail -1
-echo 1c837f31
-
Modified: packages/yum/sign-rpm.sh (+16 -7)
===================================================================
--- packages/yum/sign-rpm.sh 2012-04-29 09:13:14 +0900 (5258e9f)
+++ packages/yum/sign-rpm.sh 2012-04-29 09:18:39 +0900 (6dd4a02)
@@ -2,13 +2,14 @@
script_base_dir=`dirname $0`
-if [ $# != 1 ]; then
- echo "Usage: $0 DISTRIBUTIONS"
- echo " e.g.: $0 'fedora centos'"
+if [ $# != 2 ]; then
+ echo "Usage: $0 GPG_UID DISTRIBUTIONS"
+ echo " e.g.: $0 'F10399C0' 'fedora centos'"
exit 1
fi
-DISTRIBUTIONS=$1
+GPG_UID=$1
+DISTRIBUTIONS=$2
run()
{
@@ -19,8 +20,16 @@ run()
fi
}
+rpms=""
for distribution in ${DISTRIBUTIONS}; do
- run rpm -D "_gpg_name `$script_base_dir/gpg-uid.sh`" \
- --resign $script_base_dir/${distribution}/*/*/*/*.rpm &
+ rpms="${rpms} $(echo $script_base_dir/${distribution}/*/*/*/*.rpm)"
done
-wait
+
+echo "NOTE: YOU JUST ENTER! YOU DON'T NEED TO INPUT PASSWORD!"
+echo " IT'S JUST FOR rpm COMMAND RESTRICTION!"
+run rpm \
+ -D "_gpg_name ${GPG_UID}" \
+ -D "__gpg /usr/bin/gpg2" \
+ -D "__gpg_check_password_cmd /bin/true true" \
+ -D "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor %{?_gpg_digest_algo:--digest-algo %{_gpg_digest_algo}} --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" \
+ --resign $rpms