FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 06-02-2008, 03:32 AM
 
Default GPG signature option in makepkg, adapted to Dan McGee's suggestions

From: Geoffroy Carrier <geoffroy.carrier@koon.fr>

Now uses a BUILDENV option instead of a command line option,
deprecated --usesudo is back in place.
Of course, this patch applies on master, so please forget about the
previous patch.
For your $filename remark, i might write a biiig patch when I get
enough motivation. If someone else want to do it, please do

---
etc/makepkg.conf.in | 5 +++--
scripts/makepkg.sh.in | 22 ++++++++++++++++++++++
2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
index 47ed0a4..7d1fbb8 100644
--- a/etc/makepkg.conf.in
+++ b/etc/makepkg.conf.in
@@ -38,7 +38,7 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
# BUILD ENVIRONMENT
################################################## #######################
#
-# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta)
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
# A negated environment option will do the opposite of the comments below.
#
#-- fakeroot: Allow building packages as a non-root user
@@ -46,8 +46,9 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
#-- color: Colorize output messages
#-- ccache: Use ccache to cache compilation
#-- xdelta: Generate delta patch from previous to current package
+#-- sign: Generate PGP signature file
#
-BUILDENV=(fakeroot !distcc color !ccache !xdelta)
+BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
#
#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
#-- specify a space-delimited list of hosts running in the DistCC cluster.
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 6e2f1ad..409cae5 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -855,6 +855,26 @@ create_package() {
fi
}

+create_signature() {
+ if [ "$(check_buildenv sign)" != "y" ]; then
+ return
+ fi
+ [ "$SIGN" = "0" ] && return
+ local ret = 0
+ local filename = "$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}"
+ msg "$(gettext "Signing package...")"
+ if [ ! $(type -p "gpg") ]; then
+ error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
+ exit 1 # $E_MISSING_PROGRAM
+ fi
+ gpg --detach-sign $filename || ret = $?
+ if [ $ret -eq 0 ]; then
+ msg2 "$(gettext "Created signature file %s.")" $filename.sig
+ else
+ warning "$(gettext "Failed to sign package file.")"
+ fi
+}
+
create_xdelta() {
if [ "$(check_buildenv xdelta)" != "y" ]; then
return
@@ -1494,6 +1514,8 @@ fi

msg "$(gettext "Finished making: %s")" "$pkgname $pkgver-$pkgrel $CARCH ($(date))"

+create_signature
+
install_package

exit 0 #E_OK
--
1.5.5.3


_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 03:33 AM
Geoffroy Carrier
 
Default GPG signature option in makepkg, adapted to Dan McGee's suggestions

Excerpts from Geoffroy Carrier's message of Mon Jun 02 05:32:02 +0200 2008:
> + [ "$SIGN" = "0" ] && return
How @#$%^&* I am. Forget about this, btw.

--
Geoffroy Carrier
http://gcarrier.koon.fr/

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 04:28 AM
"Dan McGee"
 
Default GPG signature option in makepkg, adapted to Dan McGee's suggestions

On Sun, Jun 1, 2008 at 10:32 PM, <geoffroy.carrier@koon.fr> wrote:
> From: Geoffroy Carrier <geoffroy.carrier@koon.fr>
>
> Now uses a BUILDENV option instead of a command line option,
> deprecated --usesudo is back in place.
> Of course, this patch applies on master, so please forget about the
> previous patch.
> For your $filename remark, i might write a biiig patch when I get
> enough motivation. If someone else want to do it, please do
>
> ---
So FYI, any comments you include here in a patch (below the triple
dash and before the first 'diff --git') won't be included when someone
actually goes to apply the patch. So things like the $filename remark
should probably go here as they aren't relevant to the actual patch
being proposed, but is useful information on the mailing list. In
addition, putting my name in the Subject will also cause me to have to
manually edit your commit message, so please refrain from that in the
future and make that comment here. I'm not trying to come across as
the patch asshole here, I'm just trying to make it easier for me to
get these applied ASAP once everyone likes the content.

With that said, this patch is exactly what I was thinking, and I like
it. My only other request would be that thing called documentation,
namely makepkg.conf.5. It should be an easy addition, and I won't make
you resubmit if there is a grammar issue, I'll just fix it. Thanks!

> etc/makepkg.conf.in | 5 +++--
> scripts/makepkg.sh.in | 22 ++++++++++++++++++++++
> 2 files changed, 25 insertions(+), 2 deletions(-)
>
> diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
> index 47ed0a4..7d1fbb8 100644
> --- a/etc/makepkg.conf.in
> +++ b/etc/makepkg.conf.in
> @@ -38,7 +38,7 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
> # BUILD ENVIRONMENT
> ################################################## #######################
> #
> -# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta)
> +# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
> # A negated environment option will do the opposite of the comments below.
> #
> #-- fakeroot: Allow building packages as a non-root user
> @@ -46,8 +46,9 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
> #-- color: Colorize output messages
> #-- ccache: Use ccache to cache compilation
> #-- xdelta: Generate delta patch from previous to current package
> +#-- sign: Generate PGP signature file
with default key? I'm just trying to think if there is any ambiguity here.

> #
> -BUILDENV=(fakeroot !distcc color !ccache !xdelta)
> +BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
> #
> #-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
> #-- specify a space-delimited list of hosts running in the DistCC cluster.
> diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
> index 6e2f1ad..409cae5 100644
> --- a/scripts/makepkg.sh.in
> +++ b/scripts/makepkg.sh.in
> @@ -855,6 +855,26 @@ create_package() {
> fi
> }
>
> +create_signature() {
> + if [ "$(check_buildenv sign)" != "y" ]; then
> + return
> + fi
> + [ "$SIGN" = "0" ] && return
You already called yourself out here, so make sure you don't mess up
twice and fix this before the resubmit.

> + local ret = 0
> + local filename = "$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}"
> + msg "$(gettext "Signing package...")"
> + if [ ! $(type -p "gpg") ]; then
> + error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
> + exit 1 # $E_MISSING_PROGRAM
> + fi
> + gpg --detach-sign $filename || ret = $?
> + if [ $ret -eq 0 ]; then
> + msg2 "$(gettext "Created signature file %s.")" $filename.sig
> + else
> + warning "$(gettext "Failed to sign package file.")"
> + fi
> +}
Looks great now, awesome.

> +
> create_xdelta() {
> if [ "$(check_buildenv xdelta)" != "y" ]; then
> return
> @@ -1494,6 +1514,8 @@ fi
>
> msg "$(gettext "Finished making: %s")" "$pkgname $pkgver-$pkgrel $CARCH ($(date))"
>
> +create_signature
> +
> install_package
>
> exit 0 #E_OK
> --
> 1.5.5.3

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 

Thread Tools




All times are GMT. The time now is 01:40 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org