diff options
| author | Michael Scherer <misc@mageia.org> | 2012-01-08 13:45:13 +0000 |
|---|---|---|
| committer | Michael Scherer <misc@mageia.org> | 2012-01-08 13:45:13 +0000 |
| commit | 5bb677dcca25b78ce5568beb0e0c7aa88831d58f (patch) | |
| tree | cb4de5771b85b8daa4d884a503f428c01d514197 /modules | |
| parent | 72e9a0382137b1a726b36ea6814ee89433ca0842 (diff) | |
| download | puppet-5bb677dcca25b78ce5568beb0e0c7aa88831d58f.tar puppet-5bb677dcca25b78ce5568beb0e0c7aa88831d58f.tar.gz puppet-5bb677dcca25b78ce5568beb0e0c7aa88831d58f.tar.bz2 puppet-5bb677dcca25b78ce5568beb0e0c7aa88831d58f.tar.xz puppet-5bb677dcca25b78ce5568beb0e0c7aa88831d58f.zip | |
add the missing script to sign packages ( was before unversionned in /usr/bin )
Diffstat (limited to 'modules')
4 files changed, 37 insertions, 3 deletions
diff --git a/modules/buildsystem/manifests/signbot.pp b/modules/buildsystem/manifests/signbot.pp index 7b69a17f..dbcba230 100644 --- a/modules/buildsystem/manifests/signbot.pp +++ b/modules/buildsystem/manifests/signbot.pp @@ -34,5 +34,9 @@ class buildsystem { local_script { "sign-check-package": content => template("buildsystem/signbot/sign-check-package") } + + local_script { "mga-signpackage": + content => template("buildsystem/signbot/mga-signpackage") + } } } diff --git a/modules/buildsystem/templates/signbot/mga-signpackage b/modules/buildsystem/templates/signbot/mga-signpackage new file mode 100755 index 00000000..8f207d83 --- /dev/null +++ b/modules/buildsystem/templates/signbot/mga-signpackage @@ -0,0 +1,30 @@ +#!/usr/bin/perl -w + +use strict; +use warnings; +use RPM4::Sign; +use File::Spec; + +sub signpackage { + my ($file, $name, $path) = @_; + + # check if parent directory is writable + my $parent = (File::Spec->splitpath($file))[1]; + die "Unsignable package, parent directory is read-only" + unless -w $parent; + + my $sign = RPM4::Sign->new( + name => $name, + path => $path, + passphrase => '', + ); + + $sign->rpmssign($file) +} + +if (@ARGV != 3) { + exit 1; +} + +signpackage(@ARGV); + diff --git a/modules/buildsystem/templates/signbot/sign-check-package b/modules/buildsystem/templates/signbot/sign-check-package index 4c6d1937..b0b01576 100644 --- a/modules/buildsystem/templates/signbot/sign-check-package +++ b/modules/buildsystem/templates/signbot/sign-check-package @@ -13,7 +13,7 @@ keydir="$3" tmpfile=`mktemp` cp -pf "$file" "$tmpfile" rpm --delsign "$tmpfile" -/usr/bin/mga-signpackage "$tmpfile" "$key" "$keydir" +/usr/local/bin/mga-signpackage "$tmpfile" "$key" "$keydir" nbtry=0 while rpmsign -Kv "$tmpfile" 2>&1 | grep BAD do @@ -30,6 +30,6 @@ do cp -pf "$file" "$tmpfile" rpm --delsign "$tmpfile" - /usr/bin/mga-signpackage "$tmpfile" "$key" "$keydir" + /usr/local/bin/mga-signpackage "$tmpfile" "$key" "$keydir" done mv -f "$tmpfile" "$file" diff --git a/modules/buildsystem/templates/signbot/sudoers.signpackage b/modules/buildsystem/templates/signbot/sudoers.signpackage index 19cacb0b..05653d30 100644 --- a/modules/buildsystem/templates/signbot/sudoers.signpackage +++ b/modules/buildsystem/templates/signbot/sudoers.signpackage @@ -1,2 +1,2 @@ -<%= sched_login %> ALL =(<%= login %>) NOPASSWD: /usr/bin/mga-signpackage +<%= sched_login %> ALL =(<%= login %>) NOPASSWD: /usr/local/bin/mga-signpackage <%= sched_login %> ALL =(<%= login %>) NOPASSWD: /usr/local/bin/sign-check-package |