With recent version of gpg, signing within fakeroot works on the first invocation, but fails on later runs. Sign all packages outside of fakeroot to avoid this issue. Fixes FS#49946. Signed-off-by: Allan McRae <allan@archlinux.org> --- .../libmakepkg/integrity/generate_signature.sh.in | 34 ++++++++++++++++++++-- scripts/makepkg.sh.in | 9 +++--- 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/scripts/libmakepkg/integrity/generate_signature.sh.in b/scripts/libmakepkg/integrity/generate_signature.sh.in index 060ae344..6d65d82d 100644 --- a/scripts/libmakepkg/integrity/generate_signature.sh.in +++ b/scripts/libmakepkg/integrity/generate_signature.sh.in @@ -27,11 +27,10 @@ source "$LIBRARY/util/message.sh" create_signature() { if [[ $SIGNPKG != 'y' ]]; then - return + return 0 fi local ret=0 local filename="$1" - msg "$(gettext "Signing package...")" local SIGNWITHKEY="" if [[ -n $GPGKEY ]]; then @@ -42,8 +41,37 @@ create_signature() { if (( ! ret )); then - msg2 "$(gettext "Created signature file %s.")" "$filename.sig" + msg2 "$(gettext "Created signature file %s.")" "${filename##*/}.sig" else warning "$(gettext "Failed to sign package file.")" fi + + return $ret +} + +create_package_signatures() { + local pkgarch pkg_file + local pkgname_backup=("${pkgname[@]}") + local fullver=$(get_full_version) + + msg "$(gettext "Signing package(s)...")" + + for pkgname in ${pkgname_backup[@]}; do + pkgarch=$(get_pkg_arch $pkgname) + pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}" + + create_signature "$pkg_file" + done + + # check if debug package needs a signature + if ! check_option "debug" "y" || ! check_option "strip" "y"; then + return + fi + + pkgname=$pkgbase-@DEBUGSUFFIX@ + pkgarch=$(get_pkg_arch) + pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}" + create_signature "$pkg_file" + + pkgname=("${pkgname_backup[@]}") } diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index be0ea72e..ca9b6685 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -769,8 +769,6 @@ create_package() { error "$(gettext "Failed to create package file.")" exit 1 # TODO: error code fi - - create_signature "$pkg_file" } create_debug_package() { @@ -868,8 +866,6 @@ create_srcpackage() { exit 1 # TODO: error code fi - create_signature "$pkg_file" - cd_safe "${startdir}" rm -rf "${srclinks}" } @@ -1625,6 +1621,9 @@ if (( SOURCEONLY )); then enter_fakeroot + msg "$(gettext "Signing package...")" + create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}" + msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))" exit 0 fi @@ -1716,6 +1715,8 @@ else fi enter_fakeroot + + create_package_signatures fi # if inhibiting archive creation, go no further -- 2.12.0