[arch-commits] Commit in systemd/trunk (PKGBUILD gnupg-keys.gpg)
Christian Hesse
eworm at archlinux.org
Fri Jun 1 11:04:49 UTC 2018
Date: Friday, June 1, 2018 @ 11:04:49
Author: eworm
Revision: 325496
use pacman's git source verification
Modified:
systemd/trunk/PKGBUILD
Deleted:
systemd/trunk/gnupg-keys.gpg
----------+
PKGBUILD | 42 +++++-------------------------------------
1 file changed, 5 insertions(+), 37 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-06-01 10:44:54 UTC (rev 325495)
+++ PKGBUILD 2018-06-01 11:04:49 UTC (rev 325496)
@@ -19,10 +19,10 @@
options=('strip')
validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <lennart at poettering.net>
'5C251B5FC54EB2F80F407AAAC54CA336CFEB557E') # Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
-source=('git+https://github.com/systemd/systemd-stable'
- 'git+https://github.com/systemd/systemd'
+source=(# fragment is latest tag for source verification, final checkout in prepare()
+ "git+https://github.com/systemd/systemd-stable#tag=v${pkgver%.*}?signed"
+ "git+https://github.com/systemd/systemd#tag=v${pkgver%.*}?signed"
'0001-Use-Arch-Linux-device-access-groups.patch'
- 'gnupg-keys.gpg'
'initcpio-hook-udev'
'initcpio-install-systemd'
'initcpio-install-udev'
@@ -43,7 +43,6 @@
sha512sums=('SKIP'
'SKIP'
'9348683829190628e25b7b3300fd880c426d555bde330d5fc5150a9a54b3ad9d4d1f2e69ea1dc6d6f086693dacc53c5af30f1fa7ad9b479791fd77bcdafa430e'
- '42dcacfa0b0c68b04267446d2c360e508dab13f06c07506f46632b19fca0561c27bb5813cd916f7d28b53f853f7197f721c1a02aacd7a3cc8d8742bb6a393cff'
'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73'
'01de24951a05d38eca6b615a7645beb3677ca0e0f87638d133649f6dc14dcd2ea82594a60b793c31b14493a286d1d11a0d25617f54dbfa02be237652c8faa691'
'a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a'
@@ -70,41 +69,12 @@
_reverts=(
)
-_validate_tag() (
- local success fingerprint trusted status tag=v${pkgver%.*}
-
- cd "$srcdir/$pkgbase-stable"
- parse_gpg_statusfile /dev/stdin < <(git verify-tag --raw "$tag" 2>&1)
-
- if (( ! success )); then
- error 'failed to validate tag %s\n' "$tag"
- return 1
- fi
-
- if ! in_array "$fingerprint" "${validpgpkeys[@]}" && (( ! trusted )); then
- error 'unknown or untrusted public key: %s\n' "$fingerprint"
- return 1
- fi
-
- case $status in
- 'expired')
- warning 'the signature has expired'
- ;;
- 'expiredkey')
- warning 'the key has expired'
- ;;
- esac
-
- return 0
-)
-
prepare() {
cd "$pkgbase-stable"
- # import gpg keys for verification
- gpg --import ../gnupg-keys.gpg
-
+ # add upstream repository for cherry-picking
git remote add -f upstream ../systemd
+ # checkout the latest stable commit
git checkout "$_commit"
local c
@@ -130,8 +100,6 @@
}
build() {
- _validate_tag || return
-
local timeservers=({0..3}.arch.pool.ntp.org)
local meson_options=(
Deleted: gnupg-keys.gpg
===================================================================
(Binary files differ)
More information about the arch-commits
mailing list