Hello community, here is the log from the commit of package mksusecd for openSUSE:Factory checked in at 2015-02-25 02:18:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mksusecd (Old) and /work/SRC/openSUSE:Factory/.mksusecd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mksusecd" Changes: -------- --- /work/SRC/openSUSE:Factory/mksusecd/mksusecd.changes 2015-02-10 20:24:11.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mksusecd.new/mksusecd.changes 2015-02-25 02:18:30.000000000 +0100 @@ -1,0 +2,8 @@ +Tue Feb 24 14:26:13 CET 2015 - snwint@suse.com + +- support initrds with pre-sle12 key management +- support adding driver updates to initrd +- no-sign option should also prevent updating 'content' file +- 1.13 + +------------------------------------------------------------------- Old: ---- mksusecd-1.12.tar.xz New: ---- mksusecd-1.13.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mksusecd.spec ++++++ --- /var/tmp/diff_new_pack.EmpKt8/_old 2015-02-25 02:18:31.000000000 +0100 +++ /var/tmp/diff_new_pack.EmpKt8/_new 2015-02-25 02:18:31.000000000 +0100 @@ -29,7 +29,7 @@ Summary: Create SUSE Linux installation ISOs License: GPL-3.0+ Group: Hardware/Other -Version: 1.12 +Version: 1.13 Release: 0 Source: %{name}-%{version}.tar.xz Url: https://github.com/wfeldt/mksusecd ++++++ mksusecd-1.12.tar.xz -> mksusecd-1.13.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksusecd-1.12/VERSION new/mksusecd-1.13/VERSION --- old/mksusecd-1.12/VERSION 2015-02-10 10:02:57.000000000 +0100 +++ new/mksusecd-1.13/VERSION 2015-02-24 14:20:20.000000000 +0100 @@ -1 +1 @@ -1.12 +1.13 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksusecd-1.12/changelog new/mksusecd-1.13/changelog --- old/mksusecd-1.12/changelog 2015-02-10 10:02:57.000000000 +0100 +++ new/mksusecd-1.13/changelog 2015-02-24 14:20:20.000000000 +0100 @@ -1,3 +1,8 @@ +2015-02-24: 1.13 + - support initrds with pre-sle12 key management + - support adding driver updates to initrd + - no-sign option should also prevent updating 'content' file + 2015-02-10: 1.12 - simplify key handling diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksusecd-1.12/mksusecd new/mksusecd-1.13/mksusecd --- old/mksusecd-1.12/mksusecd 2015-02-10 10:02:57.000000000 +0100 +++ new/mksusecd-1.13/mksusecd 2015-02-24 14:20:20.000000000 +0100 @@ -157,8 +157,10 @@ sub find_magic; sub meta_iso; sub meta_fat; +sub get_unpack_commands; sub create_initrd; sub update_initrd; +sub extract_installkeys; sub create_cd_ikr; sub isolinux_add_option; sub grub2_add_option; @@ -285,6 +287,7 @@ my $has_efi = 0; my $sign_key_pub; my $sign_key_dir; +my $initrd_installkeys; my $progress_start = 0; my $progress_end = 100; @@ -326,6 +329,7 @@ $boot = analyze_boot; update_boot_options; if($opt_sign && (@opt_initrds || update_content)) { + extract_installkeys; create_sign_key; add_sign_key; } @@ -431,7 +435,8 @@ image (partitioning tools don't really like this) or 'iso' or 'fat' in which case you get a regular partition with an ISO960 or FAT file system (default: 'iso'). - --initrd DIR|RPM Add directory DIR or package RPM to initrd. + --initrd DIR|RPM|DUD Add directory DIR or package RPM or driver update DUD + to initrd. --no-docs Don't include package documentation when updating the initrd (default). --keep-docs Include package documentation when updating initrd. @@ -849,11 +854,11 @@ $cmd = "$mkisofs->{command}$mkisofs->{options}"; - print "running:\n$cmd\n" if $opt_verbose >= 1; + print "running:\n$cmd\n" if $opt_verbose >= 2; - print "$mkisofs->{command} sort file:\n", join("\n", @{$mkisofs->{sort}}), "\n" if $opt_verbose >= 2; + print "$mkisofs->{command} sort file:\n", join("\n", @{$mkisofs->{sort}}), "\n" if $opt_verbose >= 3; - print "$mkisofs->{command} exclude file:\n", join("\n", @{$mkisofs->{exclude}}), "\n" if $opt_verbose >= 2; + print "$mkisofs->{command} exclude file:\n", join("\n", @{$mkisofs->{exclude}}), "\n" if $opt_verbose >= 3; if(open my $fh, "$cmd 2>&1 |") { $| = 1; @@ -874,7 +879,7 @@ $ok = 0 if $?; } - print $log if $opt_verbose >= 2 || !$ok; + print $log if $opt_verbose >= 3 || !$ok; die "Error: $mkisofs->{command} failed\n" if !$ok; } @@ -1363,6 +1368,46 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +sub get_unpack_commands +{ + my $i = $_[0]; + my $tmp_dir = $_[1]; + + my ($cmd1, $cmd2); + + my $t = `file -b -k -L $i 2>/dev/null`; + + if(-d $i) { + $cmd1 = "tar -C '$i' -cf - ."; + $cmd2 = 'tar'; + } + elsif(-f $i && $t =~ /^RPM/) { + $cmd1 = "rpm2cpio '$i'"; + $cmd2 = 'cpio'; + } + elsif(-f $i && $t =~ / (cpio|tar) archive/) { + $cmd1 = "cat '$i'"; + $cmd2 = $1; + } + elsif(-f $i && $t =~ /^(gzip|XZ) compressed data/) { + $cmd1 = "\L$1\E -dc '$i'"; + my $z = `$cmd1 | file -b -`; + $cmd2 = $1 if $z =~ / (cpio|tar) archive/; + } + + if($cmd1 && $cmd2) { + $cmd2 = "( cd $tmp_dir ; cpio --quiet --sparse -dimu --no-absolute-filenames 2>/dev/null )" if $cmd2 eq 'cpio'; + $cmd2 = "tar -C $tmp_dir -xpf - 2>/dev/null" if $cmd2 eq 'tar'; + + # print "$cmd1 | $cmd2\n"; + return [ $cmd1, $cmd2 ]; + } + + return undef; +} + + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - sub create_initrd { return undef if !@opt_initrds; @@ -1371,12 +1416,10 @@ my $tmp_dir = $tmp->dir(); for my $i (@opt_initrds) { - my $t = `file -b -k -L $i 2>/dev/null`; - if(-d $i) { - system "tar -C '$i' -cf - . | tar -C $tmp_dir -xpf -"; - } - elsif(-f $i && $t =~ /^RPM/) { - system "rpm2cpio '$i' | ( cd $tmp_dir ; cpio --quiet --sparse -dimu --no-absolute-filenames )"; + my $cmds = get_unpack_commands $i, $tmp_dir; + + if($cmds) { + system join(' | ', @$cmds); } else { print STDERR "Warning: ignoring $i\n"; @@ -1395,7 +1438,7 @@ print "initrd: linuxrc detected, renamed to /init\n"; } - system "( cd $tmp_dir; find . | cpio --quiet -o -H newc | gzip -9c ) >> $tmp_initrd"; + system "( cd $tmp_dir; find . | cpio --quiet -o -H newc --owner 0:0 | gzip -9c ) >> $tmp_initrd"; # system "ls -lR $tmp_dir"; @@ -1421,6 +1464,31 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +sub extract_installkeys +{ + return if !$opt_sign; + + for my $b (sort keys %$boot) { + if($boot->{$b}{initrd}) { + my $f = fname($boot->{$b}{initrd}); + if(-f $f) { + my $tmp_dir = $tmp->dir(); + my $cmds = get_unpack_commands $f, $tmp_dir; + if($cmds) { + system join(' | ', @$cmds); + if(-f "$tmp_dir/installkey.gpg") { + $initrd_installkeys = "$tmp_dir/installkey.gpg"; + print "old style initrd found\n" if $opt_verbose >= 1; + } + } + } + last; + } + } +} + + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - sub create_cd_ikr { local $_; @@ -1717,6 +1785,9 @@ { my $changed = 0; + # don't modify content if we're not going to re-sign it + return $changed if !$opt_sign; + my $content = fname "content"; return unless defined $content; @@ -1847,8 +1918,17 @@ my $tmp_dir = $tmp->dir(); - system "mkdir -p $tmp_dir/usr/lib/rpm/gnupg/keys"; - system "cp $sign_key_pub $tmp_dir/usr/lib/rpm/gnupg/keys"; + if($initrd_installkeys) { + # old style, gpg key ring + system "cp $initrd_installkeys $tmp_dir/installkey.gpg"; + system "gpg --homedir=$sign_key_dir --batch --no-default-keyring --ignore-time-conflict --ignore-valid-from --keyring $tmp_dir/installkey.gpg --import $sign_key_pub 2>/dev/null"; + unlink "$tmp_dir/installkey.gpg~"; + } + else { + # new style, directory of gpg keys + system "mkdir -p $tmp_dir/usr/lib/rpm/gnupg/keys"; + system "cp $sign_key_pub $tmp_dir/usr/lib/rpm/gnupg/keys"; + } print "signing key added to initrd\n" if $opt_verbose >= 1; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org