From: Geoffroy Carrier <geoffroy.carrier@koon.fr> --- This should be the last version I submit here. I should start including support in pacman soon. It will rely directly on the gpg binary, and should work a lot like git. It has a very nice embedded "lib" to launch processes. I might embed parts of it in my pacman branch, as it's generic and seems very well-written. doc/makepkg.conf.5.txt | 3 +++ etc/makepkg.conf.in | 5 +++-- scripts/makepkg.sh.in | 21 +++++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt index 113ad14..b6f4385 100644 --- a/doc/makepkg.conf.5.txt +++ b/doc/makepkg.conf.5.txt @@ -92,6 +92,9 @@ Options previous package must be available in the makepkg cache directory for this to occur. + *sign*;; + Generate a PGP signature file using GnuPG. + **DISTCC_HOSTS=**"host1 ...":: If using DistCC, this is used to specify a space-delimited list of hosts running in the DistCC cluster. In addition, you will want to modify your diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index 47ed0a4..7d1fbb8 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -38,7 +38,7 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe" # BUILD ENVIRONMENT ######################################################################### # -# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta) +# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign) # A negated environment option will do the opposite of the comments below. # #-- fakeroot: Allow building packages as a non-root user @@ -46,8 +46,9 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe" #-- color: Colorize output messages #-- ccache: Use ccache to cache compilation #-- xdelta: Generate delta patch from previous to current package +#-- sign: Generate PGP signature file # -BUILDENV=(fakeroot !distcc color !ccache !xdelta) +BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign) # #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 6e2f1ad..c4d8c2e 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -855,6 +855,25 @@ create_package() { fi } +create_signature() { + if [ "$(check_buildenv sign)" != "y" ]; then + return + fi + local ret = 0 + local filename = "$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}" + msg "$(gettext "Signing package...")" + if [ ! $(type -p "gpg") ]; then + error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")" + exit 1 # $E_MISSING_PROGRAM + fi + gpg --detach-sign $filename || ret = $? + if [ $ret -eq 0 ]; then + msg2 "$(gettext "Created signature file %s.")" $filename.sig + else + warning "$(gettext "Failed to sign package file.")" + fi +} + create_xdelta() { if [ "$(check_buildenv xdelta)" != "y" ]; then return @@ -1494,6 +1513,8 @@ fi msg "$(gettext "Finished making: %s")" "$pkgname $pkgver-$pkgrel $CARCH ($(date))" +create_signature + install_package exit 0 #E_OK -- 1.5.5.3