From ca3438c6ea44d952d0f6834aaa3e3a4da853f786 Mon Sep 17 00:00:00 2001 From: Holger Levsen Date: Thu, 26 Feb 2015 20:48:09 +0100 Subject: add script to add key for reproducible repo - to proof the TODO item 'merge the two scripts to create schroots'... :/ --- bin/schroot-create.sh | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/bin/schroot-create.sh b/bin/schroot-create.sh index 9de123ff..fd9b3b43 100755 --- a/bin/schroot-create.sh +++ b/bin/schroot-create.sh @@ -44,6 +44,45 @@ if [ -z "$CHROOT_TARGET" ]; then exit 1 fi +# +# create script to add key for reproducible repo +# +add_repokey() { + TMPFILE=$1 + shift + cat > $TMPFILE <<- EOF +echo "-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQINBFQsy/gBEADKGF55qQpXxpTn7E0Vvqho82/HFB/yT9N2wD8TkrejhJ1I6hfJ +zFXD9fSi8WnNpLc6IjcaepuvvO4cpIQ8620lIuONQZU84sof8nAO0LDoMp/QdN3j +VViXRXQtoUmTAzlOBNpyb8UctAoSzPVgO3jU1Ngr1LWi36hQPvQWSYPNmbsDkGVE +unB0p8DCN88Yq4z2lDdlHgFIy0IDNixuRp/vBouuvKnpe9zyOkijV83Een0XSUsZ +jmoksFzLzjChlS5fAL3FjtLO5XJGng46dibySWwYx2ragsrNUUSkqTTmU7bOVu9a +zlnQNGR09kJRM77UoET5iSXXroK7xQ26UJkhorW2lXE5nQ97QqX7igWp2u0G74RB +e6y3JqH9W8nV+BHuaCVmW0/j+V/l7T3XGAcbjZw1A4w5kj8YGzv3BpztXxqyHQsy +piewXLTBn8dvgDqd1DLXI5gGxC3KGGZbC7v0rQlu2N6OWg2QRbcVKqlE5HeZxmGV +vwGQs/vcChc3BuxJegw/bnP+y0Ys5tsVLw+kkxM5wbpqhWw+hgOlGHKpJLNpmBxn +T+o84iUWTzpvHgHiw6ShJK50AxSbNzDWdbo7p6e0EPHG4Gj41bwO4zVzmQrFz//D +txVBvoATTZYMLF5owdCO+rO6s/xuC3s04pk7GpmDmi/G51oiz7hIhxJyhQARAQAB +tC5EZWJpYW4gUmVwcm9kdWNpYmxlIEJ1aWxkcyBBcmNoaXZlIFNpZ25pbmcgS2V5 +iQI9BBMBCAAnBQJULMv4AhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheA +AAoJEF23ymfqWaMfFsMP/3jthq65H9avuM469jHcugcd0C5b7/DS+cGQ5E4NQIGL +6tGsqv5k6Nb0MoMMEAQSmWeXRkbYYxmEkrREMNg8tPlh4NiJimH3neNfI+8fGiHY +89FH7QDrrzGfMF9oJQ9zjWZTOs3bjJ4AfS4fkQiQ6UfO7TeMyz5Cw7kz+rS1m1tu ++RgHxD+6A+XxkIZnw5we1MH0SAFoq4j3boR8QkFUNMZsy97xWYON4QLpYwKCbiwL +Q4y06YTw4A7lp+B2JKLc70yRcjbixeAFlZfbhmGITTNAl3j8+48hRLLkJ+s8eT1r +DS1UkYi2xBSNa6TVtNxbDUwVTzzxDe+b8tW2BfC7TBOX2oq6e6ebRa+ghZFVLNY1 +3y+FilXGNMB7IvZ378idHYTNaiJuYXNkrd8UGunwK4NCWdZk05L9GdKeQ6DN380Y +L4QkKpINXSKjneWV7IITMFhvRZCgOVAmoHaq6kaGsl/FwHBA9I8hHXuSyvke8UMP +dmvR8ggv5wiY9NDjW55h7M+UIqEaoXws1algIKB/TWm4/RnQcrxoXBX16wyidzcv +Mb0BawlXZui0MNUSnZtxHMxrjejdvZdqtskHl9srB1QThH0jasmUqbQPxCnxMbf1 +4LhIp6XlXJFF1btgfCexNmcPuqeOMMDQ+du6Hqj2Yl5GYo2McWvjpSgkt5VmQfIz +=X8YA +-----END PGP PUBLIC KEY BLOCK-----" | apt-key add - +EOF +} + bootstrap() { mkdir -p "$CHROOT_TARGET/etc/dpkg/dpkg.cfg.d" echo force-unsafe-io > "$CHROOT_TARGET/etc/dpkg/dpkg.cfg.d/02dpkg-unsafe-io" @@ -58,6 +97,14 @@ bootstrap() { echo "${EXTRA_PACKAGES}" | sudo tee -a $CHROOT_TARGET/etc/apt/sources.list >/dev/null echo "${EXTRA_SOURCES}" | sudo tee -a $CHROOT_TARGET/etc/apt/sources.list >/dev/null + if [ "$1" == "reproducible" ] ; then + TMPFILE=$(mktemp -u) + add_repokey $CHROOT_TARGET/$TMPFILE + sudo chroot $CHROOT_TARGET $TMPFILE + rm $TMPFILE + shift + fi + sudo chroot $CHROOT_TARGET apt-get update if [ -n "$1" ] ; then for d in proc dev dev/pts ; do -- cgit v1.2.3-70-g09d2