commit pesign-obs-integration for openSUSE:Factory
Hello community, here is the log from the commit of package pesign-obs-integration for openSUSE:Factory checked in at 2014-04-05 16:50:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pesign-obs-integration (Old) and /work/SRC/openSUSE:Factory/.pesign-obs-integration.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "pesign-obs-integration" Changes: -------- --- /work/SRC/openSUSE:Factory/pesign-obs-integration/pesign-obs-integration.changes 2013-06-18 15:30:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pesign-obs-integration.new/pesign-obs-integration.changes 2014-04-05 16:50:17.000000000 +0200 @@ -1,0 +2,28 @@ +Thu Apr 3 12:01:54 CEST 2014 - ro@suse.de + +- pesign-gen-repackage-spec: switch to new rpm style handling + of weak dependencies + +------------------------------------------------------------------- +Thu Jan 16 15:12:22 UTC 2014 - mmarek@suse.cz + +- Do not sign any files if BRP_PESIGN_FILES is set not an empty + string (bnc#857599). + +------------------------------------------------------------------- +Tue Jan 7 09:50:58 UTC 2014 - mmarek@suse.cz + +- Fix a typo in the last change. + +------------------------------------------------------------------- +Mon Jan 6 22:08:41 UTC 2014 - mmarek@suse.cz + +- Default to BRP_PESIGN_FILES="*.ko /lib/firmware" (bnc#857599). + +------------------------------------------------------------------- +Mon Jan 6 16:35:30 UTC 2014 - mmarek@suse.cz + +- Add --signatures=<directory> option to modsign-repackage + (bnc#841627). + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pesign-obs-integration.spec ++++++ --- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200 +++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package pesign-obs-integration # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed ++++++ brp-99-pesign ++++++ --- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200 +++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200 @@ -22,7 +22,10 @@ set -e -files=${BRP_PESIGN_FILES} +files="*.ko /lib/firmware" +if test -n "${BRP_PESIGN_FILES+x}"; then + files=${BRP_PESIGN_FILES} +fi output= while test $# -gt 0; do case "$1" in ++++++ modsign-repackage ++++++ --- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200 +++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200 @@ -20,7 +20,7 @@ USAGE="$0 --key <private key> --certificate <x509 cert> rpm ..." -options=`getopt -o hk:c: --long help,key:,certificate: -- "$@"` +options=`getopt -o hk:c:s: --long help,key:,certificate:,signatures: -- "$@"` if test $? -ne 0; then echo "$USAGE" >&2 exit 1 @@ -28,6 +28,7 @@ eval set -- "$options" key= cert= +sig_dir= while :; do case "$1" in -k|--key) @@ -38,6 +39,10 @@ cert=$2 shift 2 ;; + -s|--signatures) + sig_dir=$2 + shift 2 + ;; -h|--help) echo "$USAGE" exit @@ -47,13 +52,18 @@ break esac done -if test -z "$key" -o -z "$cert"; then - echo "$0: The --key and --certificate options are mandatory" >&2 - echo "$USAGE" >&2 - exit 1 +err= +if test -n "$key" -a -n "$sig_dir"; then + err="Cannot use both --key and --signatures" +elif test -z "$key" -a -z "$sig_dir"; then + err="Please specify either --key or --signatures" +elif test -z "$cert"; then + err="Please specify --certificate" +elif test "$#" -eq 0; then + err="No packages specified" fi -if test "$#" -eq 0; then - echo "$0: No packages specified" >&2 +if test -n "$err"; then + echo "$0: $err" >&2 echo "$USAGE" >&2 exit 1 fi @@ -107,9 +117,20 @@ done set -e echo "Signing kernel modules..." -for module in $(find "$buildroot" -type f -name '*.ko'); do - /usr/lib/rpm/pesign/kernel-sign-file \ - sha256 "$key" "$cert" "$module" +for module in $(find "$buildroot" -type f -name '*.ko' -printf '%P\n'); do + if test -n "$key"; then + /usr/lib/rpm/pesign/kernel-sign-file \ + sha256 "$key" "$cert" "$buildroot/$module" + else + raw_sig="$sig_dir/$module.sig" + if test ! -e "$raw_sig"; then + echo "$module.sig not found in $sig_dir" >&2 + exit 1 + fi + /usr/lib/rpm/pesign/kernel-sign-file \ + -s "$raw_sig" sha256 "$cert" "$buildroot/$module" + fi + done # Add the certificate mkdir -p "$buildroot/etc/uefi/certs" ++++++ pesign-gen-repackage-spec ++++++ --- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200 +++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200 @@ -122,14 +122,10 @@ obsoletes => "obsolete", provides => "provide", requires => "require", - suggests => "suggests", - enhances => "enhances", -); - -# strong version of suggests and enhances -my %dep2strong = ( - suggests => "recommends", - enhances => "supplements", + suggests => "suggest", + enhances => "enhance", + recommends => "recommend", + supplements => "supplement", ); # specfile scriptlet => rpm tag name @@ -310,7 +306,6 @@ ">" => (1 << 2), "=" => (1 << 3), rpmlib => (1 << 24), - strong => (1 << 27), ); sub print_deps { @@ -319,11 +314,7 @@ foreach my $d (@$list) { next if ($d->{flags} & $depflags{rpmlib}); - if ($d->{flags} & $depflags{strong}) { - print SPEC $dep2strong{$depname}; - } else { - print SPEC $depname; - } + print SPEC $depname; my @deptypes; while (my ($type, $bit) = each(%deptypes)) { push(@deptypes, $type) if $d->{flags} & $bit; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de