summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGeoffroy Carrier <geoffroy.carrier@koon.fr>2008-06-02 10:27:00 +0200
committerDan McGee <dan@archlinux.org>2011-03-22 23:52:00 -0500
commitee34869e8934fe55562a84c4eac055256b7c42f0 (patch)
tree9bb0d3cd49926298cb4d58fb8aea98ddcae53dce
parent0ff52b68452046d61c24649ec94886bd74faab45 (diff)
downloadpacman-ee34869e8934fe55562a84c4eac055256b7c42f0.tar.xz
Add GPG signature support to makepkg
This is a rather simple patch to add signing support to makepkg. Add a create_signature() to makepkg, add a 'sign' BUILDENV option in makepkg.conf, and document the changes in the makepkg.conf manpage. Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr> Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--doc/makepkg.conf.5.txt9
-rw-r--r--etc/makepkg.conf.in5
-rw-r--r--scripts/makepkg.sh.in21
3 files changed, 32 insertions, 3 deletions
diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt
index 61302492..a9faa14d 100644
--- a/doc/makepkg.conf.5.txt
+++ b/doc/makepkg.conf.5.txt
@@ -70,7 +70,7 @@ Options
This is often used to set the number of jobs used, for example, `-j2`.
Other flags that make accepts can also be passed.
-**BUILDENV=(**fakeroot !distcc color !ccache**)**::
+**BUILDENV=(**fakeroot !distcc color !ccache !sign**)**::
This array contains options that affect the build environment, the defaults
are shown here. All options should always be left in the array; to enable
or disable an option simply remove or place an ``!'' at the front of the
@@ -98,6 +98,13 @@ Options
enabled or disabled for individual packages through the use of
makepkg's `--check` and `--nocheck` options respectively.
+ *sign*;;
+ Generate a PGP signature file using GnuPG. This will execute `gpg
+ --detach-sign --use-agent` on the built package to generate a detached
+ signature file, using the GPG agent if it is available. The signature
+ file will be the entire filename of the package with a ``.sig''
+ extension.
+
**DISTCC_HOSTS=**"host1 ..."::
If using DistCC, this is used to specify a space-delimited list of hosts
running in the DistCC cluster. In addition, you will want to modify your
diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
index 81a11b1d..286e2a84 100644
--- a/etc/makepkg.conf.in
+++ b/etc/makepkg.conf.in
@@ -39,7 +39,7 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
# BUILD ENVIRONMENT
#########################################################################
#
-# Defaults: BUILDENV=(fakeroot !distcc color !ccache check)
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
# A negated environment option will do the opposite of the comments below.
#
#-- fakeroot: Allow building packages as a non-root user
@@ -47,8 +47,9 @@ CXXFLAGS="@CARCHFLAGS@-mtune=generic -O2 -pipe"
#-- color: Colorize output messages
#-- ccache: Use ccache to cache compilation
#-- check: Run the check() function if present in the PKGBUILD
+#-- sign: Generate PGP signature file
#
-BUILDENV=(fakeroot !distcc color !ccache check)
+BUILDENV=(fakeroot !distcc color !ccache check !sign)
#
#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
#-- specify a space-delimited list of hosts running in the DistCC cluster.
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index bb7616cf..f28097f6 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -1099,6 +1099,25 @@ create_package() {
fi
}
+create_signature() {
+ if [[ $(check_buildenv sign) != "y" ]]; then
+ return
+ fi
+ local ret=0
+ local filename="$PKGDEST/${pkgname}-${pkgver}-${pkgrel}-${CARCH}${PKGEXT}"
+ msg "$(gettext "Signing package...")"
+ if [ ! $(type -p "gpg") ]; then
+ error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
+ exit 1 # $E_MISSING_PROGRAM
+ fi
+ gpg --detach-sign --use-agent $filename || ret=$?
+ if (( ! ret )); then
+ msg2 "$(gettext "Created signature file %s.")" $filename.sig
+ else
+ warning "$(gettext "Failed to sign package file.")"
+ fi
+}
+
create_srcpackage() {
cd "$startdir"
@@ -2115,6 +2134,8 @@ fi
fullver=$(get_full_version $epoch $pkgver $pkgrel)
msg "$(gettext "Finished making: %s")" "$pkgbase $fullver ($(date))"
+create_signature
+
install_package
exit 0 #E_OK