[pacman-dev] [PATCH v3] libmakepkg/integrity: fix regression that broke --install

Eli Schwartz eschwartz at archlinux.org
Thu Mar 15 00:48:34 UTC 2018

In commit c6b04c04653ba9933fe978829148312e412a9ea7 package signing was
moved out of fakeroot, and as part of this process, the global pkgname
variable was modified in order to extract the built package names.

However, if a debug package was not available and added to the list of
packages, the function was aborted early, before the pkgname array was
restored, thereby corrupting the later stages of makepkg and
specifically the install_package function which needs to know which
pkgnames to install.

Fix this by using the newly changed print_all_package_names function to
iterate over the list of all package files that will be created; this
avoids the need to independently recreate those filenames here.

Additionally, since debug packages may not actually exist, check if the
package file exists first.

Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>

v3: alternative take that relies on the --packagelist changes currently
in Allan's patchqueue. Deduplicating this logic feels nice...

 .../libmakepkg/integrity/generate_signature.sh.in  | 24 ++++------------------
 1 file changed, 4 insertions(+), 20 deletions(-)

diff --git a/scripts/libmakepkg/integrity/generate_signature.sh.in b/scripts/libmakepkg/integrity/generate_signature.sh.in
index 8bb69984..032e147e 100644
--- a/scripts/libmakepkg/integrity/generate_signature.sh.in
+++ b/scripts/libmakepkg/integrity/generate_signature.sh.in
@@ -50,28 +50,12 @@ create_package_signatures() {
 	if [[ $SIGNPKG != 'y' ]]; then
 		return 0
-	local pkgarch pkg_file
-	local pkgname_backup=("${pkgname[@]}")
-	local fullver=$(get_full_version)

 	msg "$(gettext "Signing package(s)...")"

-	for pkgname in ${pkgname_backup[@]}; do
-		pkgarch=$(get_pkg_arch $pkgname)
-		pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}"
-		create_signature "$pkg_file"
+	print_all_package_names | while read pkg_file; do
+		if [[ -f $pkg_file ]]; then
+			create_signature "$pkg_file"
+		fi
-	# check if debug package needs a signature
-	if ! check_option "debug" "y" || ! check_option "strip" "y"; then
-		return
-	fi
-	pkgname=$pkgbase- at DEBUGSUFFIX@
-	pkgarch=$(get_pkg_arch)
-	pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}"
-	create_signature "$pkg_file"
-	pkgname=("${pkgname_backup[@]}")

More information about the pacman-dev mailing list