Author: jsuchome Date: Wed Mar 4 13:37:00 2009 New Revision: 55920 URL: http://svn.opensuse.org/viewcvs/yast?rev=55920&view=rev Log: - add GPG key correctly to the installkey.gpg keyring inside initrd (bnc#478975) - before signing a file check for its existence (bnc#481838) - 2.18.0 Modified: trunk/product-creator/VERSION trunk/product-creator/package/yast2-product-creator.changes trunk/product-creator/src/ProductCreator.ycp Modified: trunk/product-creator/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/product-creator/VERSION?rev=55920&r1=55919&r2=55920&view=diff ============================================================================== --- trunk/product-creator/VERSION (original) +++ trunk/product-creator/VERSION Wed Mar 4 13:37:00 2009 @@ -1 +1 @@ -2.17.13 +2.18.0 Modified: trunk/product-creator/package/yast2-product-creator.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/product-creator/package/yast2-product-creator.changes?rev=55920&r1=55919&r2=55920&view=diff ============================================================================== --- trunk/product-creator/package/yast2-product-creator.changes (original) +++ trunk/product-creator/package/yast2-product-creator.changes Wed Mar 4 13:37:00 2009 @@ -1,4 +1,12 @@ ------------------------------------------------------------------- +Wed Mar 4 13:30:25 CET 2009 - jsuchome@suse.cz + +- add GPG key correctly to the installkey.gpg keyring inside initrd + (bnc#478975) +- before signing a file check for its existence (bnc#481838) +- 2.18.0 + +------------------------------------------------------------------- Fri Feb 20 09:46:56 CET 2009 - jsuchome@suse.cz - adapted kiwi templates for 11.1 (bnc#477645) Modified: trunk/product-creator/src/ProductCreator.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/product-creator/src/ProductCreator.ycp?rev=55920&r1=55919&r2=55920&view=diff ============================================================================== --- trunk/product-creator/src/ProductCreator.ycp (original) +++ trunk/product-creator/src/ProductCreator.ycp Wed Mar 4 13:37:00 2009 @@ -778,8 +778,11 @@ // sign the content file boolean ret = GPG::SignAsciiDetached(keyid, dir + "/content", passphrase); - // sign the product file - ret = ret && GPG::SignAsciiDetached(keyid, dir + "/media.1/products", passphrase); + // sign the product file if exists + if (FileUtils::Exists (dir + "/media.1/products")) + { + ret = ret && GPG::SignAsciiDetached(keyid, dir + "/media.1/products", passphrase); + } y2milestone("Signed source: %1", ret); return ret; @@ -2034,6 +2037,29 @@ ret = Exec(command); if (!ret) return false; + if (new_file != "linuxrc.config") + { + // extract installkey.gpg from cpio archive + command = sformat ("cd '%1'; cpio -i -H newc -F '%2.cpio' installkey.gpg", + String::Quote(base), String::Quote(initrd_file)); + + ret = Exec(command); + if (!ret) return false; + + // add our new key to installkey.gpg keyring + command = sformat ("cd '%1'; gpg --no-default-keyring --keyring ./installkey.gpg --import '%2'", + String::Quote(base), String::Quote(new_file)); + ret = Exec(command); + if (!ret) return false; + + // place new installkey.gpg back to the archive + command = sformat ("cd '%1' && echo installkey.gpg | cpio -o -H newc -A -F '%2.cpio'", + String::Quote(base), String::Quote(initrd_file)); + + ret = Exec(command); + if (!ret) return false; + } + // compress the archive, remove the temporary files command = sformat("gzip --best < '%1.cpio' > '%1' && rm -f '%1.cpio' '%2'", String::Quote(initrd_file), String::Quote(new_file)); -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org