[pacman-dev] [PATCH] GPG signature support for makepkg:
geoffroy.carrier at koon.fr
geoffroy.carrier at koon.fr
Mon Jun 2 04:27:00 EDT 2008
From: Geoffroy Carrier <geoffroy.carrier at koon.fr>
---
This should be the last version I submit here.
I should start including support in pacman soon.
It will rely directly on the gpg binary, and should work a lot like git.
It has a very nice embedded "lib" to launch processes. I might embed parts of it
in my pacman branch, as it's generic and seems very well-written.
doc/makepkg.conf.5.txt | 3 +++
etc/makepkg.conf.in | 5 +++--
scripts/makepkg.sh.in | 21 +++++++++++++++++++++
3 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt
index 113ad14..b6f4385 100644
--- a/doc/makepkg.conf.5.txt
+++ b/doc/makepkg.conf.5.txt
@@ -92,6 +92,9 @@ Options
previous package must be available in the makepkg cache directory for
this to occur.
+ *sign*;;
+ Generate a PGP signature file using GnuPG.
+
**DISTCC_HOSTS=**"host1 ..."::
If using DistCC, this is used to specify a space-delimited list of hosts
running in the DistCC cluster. In addition, you will want to modify your
diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
index 47ed0a4..7d1fbb8 100644
--- a/etc/makepkg.conf.in
+++ b/etc/makepkg.conf.in
@@ -38,7 +38,7 @@ CXXFLAGS="@CARCHFLAGS at -mtune=generic -O2 -pipe"
# BUILD ENVIRONMENT
#########################################################################
#
-# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta)
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
# A negated environment option will do the opposite of the comments below.
#
#-- fakeroot: Allow building packages as a non-root user
@@ -46,8 +46,9 @@ CXXFLAGS="@CARCHFLAGS at -mtune=generic -O2 -pipe"
#-- color: Colorize output messages
#-- ccache: Use ccache to cache compilation
#-- xdelta: Generate delta patch from previous to current package
+#-- sign: Generate PGP signature file
#
-BUILDENV=(fakeroot !distcc color !ccache !xdelta)
+BUILDENV=(fakeroot !distcc color !ccache !xdelta !sign)
#
#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
#-- specify a space-delimited list of hosts running in the DistCC cluster.
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 6e2f1ad..c4d8c2e 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -855,6 +855,25 @@ create_package() {
fi
}
+create_signature() {
+ if [ "$(check_buildenv sign)" != "y" ]; then
+ return
+ fi
+ local ret = 0
+ local filename = "$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}"
+ msg "$(gettext "Signing package...")"
+ if [ ! $(type -p "gpg") ]; then
+ error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
+ exit 1 # $E_MISSING_PROGRAM
+ fi
+ gpg --detach-sign $filename || ret = $?
+ if [ $ret -eq 0 ]; then
+ msg2 "$(gettext "Created signature file %s.")" $filename.sig
+ else
+ warning "$(gettext "Failed to sign package file.")"
+ fi
+}
+
create_xdelta() {
if [ "$(check_buildenv xdelta)" != "y" ]; then
return
@@ -1494,6 +1513,8 @@ fi
msg "$(gettext "Finished making: %s")" "$pkgname $pkgver-$pkgrel $CARCH ($(date))"
+create_signature
+
install_package
exit 0 #E_OK
--
1.5.5.3
More information about the pacman-dev
mailing list