diff options
author | Geoffroy Carrier <geoffroy.carrier@koon.fr> | 2008-06-02 10:27:00 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-03-22 23:52:00 -0500 |
commit | ee34869e8934fe55562a84c4eac055256b7c42f0 (patch) | |
tree | 9bb0d3cd49926298cb4d58fb8aea98ddcae53dce | |
parent | 0ff52b68452046d61c24649ec94886bd74faab45 (diff) | |
download | pacman-ee34869e8934fe55562a84c4eac055256b7c42f0.tar.xz |
Add GPG signature support to makepkg
This is a rather simple patch to add signing support to makepkg. Add a
create_signature() to makepkg, add a 'sign' BUILDENV option in makepkg.conf,
and document the changes in the makepkg.conf manpage.
Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr>
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r-- | doc/makepkg.conf.5.txt | 9 | ||||
-rw-r--r-- | etc/makepkg.conf.in | 5 | ||||
-rw-r--r-- | scripts/makepkg.sh.in | 21 |
3 files changed, 32 insertions, 3 deletions
diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt index 61302492..a9faa14d 100644 --- a/doc/makepkg.conf.5.txt +++ b/doc/makepkg.conf.5.txt @@ -70,7 +70,7 @@ Options This is often used to set the number of jobs used, for example, `-j2`. Other flags that make accepts can also be passed. -**BUILDENV=(**fakeroot !distcc color !ccache**)**:: +**BUILDENV=(**fakeroot !distcc color !ccache !sign**)**:: This array contains options that affect the build environment, the defaults are shown here. All options should always be left in the array; to enable or disable an option simply remove or place an ``!'' at the front of the @@ -98,6 +98,13 @@ Options enabled or disabled for individual packages through the use of makepkg's `--check` and `--nocheck` options respectively. + *sign*;; + Generate a PGP signature file using GnuPG. This will execute `gpg + --detach-sign --use-agent` on the built package to generate a detached + signature file, using the GPG agent if it is available. The signature + file will be the entire filename of the package with a ``.sig'' + extension. + **DISTCC_HOSTS=**"host1 ...":: If using DistCC, this is used to specify a space-delimited list of hosts running in the DistCC cluster. In addition, you will want to modify your diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index 81a11b1d..286e2a84 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -39,7 +39,7 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe" # BUILD ENVIRONMENT ######################################################################### # -# Defaults: BUILDENV=(fakeroot !distcc color !ccache check) +# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign) # A negated environment option will do the opposite of the comments below. # #-- fakeroot: Allow building packages as a non-root user @@ -47,8 +47,9 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe" #-- color: Colorize output messages #-- ccache: Use ccache to cache compilation #-- check: Run the check() function if present in the PKGBUILD +#-- sign: Generate PGP signature file # -BUILDENV=(fakeroot !distcc color !ccache check) +BUILDENV=(fakeroot !distcc color !ccache check !sign) # #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index bb7616cf..f28097f6 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1099,6 +1099,25 @@ create_package() { fi } +create_signature() { + if [[ $(check_buildenv sign) != "y" ]]; then + return + fi + local ret=0 + local filename="$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}" + msg "$(gettext "Signing package...")" + if [ ! $(type -p "gpg") ]; then + error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")" + exit 1 # $E_MISSING_PROGRAM + fi + gpg --detach-sign --use-agent $filename || ret=$? + if (( ! ret )); then + msg2 "$(gettext "Created signature file %s.")" $filename.sig + else + warning "$(gettext "Failed to sign package file.")" + fi +} + create_srcpackage() { cd "$startdir" @@ -2115,6 +2134,8 @@ fi fullver=$(get_full_version $epoch $pkgver $pkgrel) msg "$(gettext "Finished making: %s")" "$pkgbase $fullver ($(date))" +create_signature + install_package exit 0 #E_OK |