Hello community,
here is the log from the commit of package pesign-obs-integration for
openSUSE:Factory checked in at 2014-04-05 16:50:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pesign-obs-integration (Old)
and /work/SRC/openSUSE:Factory/.pesign-obs-integration.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign-obs-integration"
Changes:
--------
---
/work/SRC/openSUSE:Factory/pesign-obs-integration/pesign-obs-integration.changes
2013-06-18 15:30:23.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.pesign-obs-integration.new/pesign-obs-integration.changes
2014-04-05 16:50:17.000000000 +0200
@@ -1,0 +2,28 @@
+Thu Apr 3 12:01:54 CEST 2014 - [email protected]
+
+- pesign-gen-repackage-spec: switch to new rpm style handling
+ of weak dependencies
+
+-------------------------------------------------------------------
+Thu Jan 16 15:12:22 UTC 2014 - [email protected]
+
+- Do not sign any files if BRP_PESIGN_FILES is set not an empty
+ string (bnc#857599).
+
+-------------------------------------------------------------------
+Tue Jan 7 09:50:58 UTC 2014 - [email protected]
+
+- Fix a typo in the last change.
+
+-------------------------------------------------------------------
+Mon Jan 6 22:08:41 UTC 2014 - [email protected]
+
+- Default to BRP_PESIGN_FILES="*.ko /lib/firmware" (bnc#857599).
+
+-------------------------------------------------------------------
+Mon Jan 6 16:35:30 UTC 2014 - [email protected]
+
+- Add --signatures=<directory> option to modsign-repackage
+ (bnc#841627).
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pesign-obs-integration.spec ++++++
--- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200
+++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package pesign-obs-integration
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++++++ brp-99-pesign ++++++
--- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200
+++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200
@@ -22,7 +22,10 @@
set -e
-files=${BRP_PESIGN_FILES}
+files="*.ko /lib/firmware"
+if test -n "${BRP_PESIGN_FILES+x}"; then
+ files=${BRP_PESIGN_FILES}
+fi
output=
while test $# -gt 0; do
case "$1" in
++++++ modsign-repackage ++++++
--- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200
+++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200
@@ -20,7 +20,7 @@
USAGE="$0 --key <private key> --certificate <x509 cert> rpm ..."
-options=`getopt -o hk:c: --long help,key:,certificate: -- "$@"`
+options=`getopt -o hk:c:s: --long help,key:,certificate:,signatures: -- "$@"`
if test $? -ne 0; then
echo "$USAGE" >&2
exit 1
@@ -28,6 +28,7 @@
eval set -- "$options"
key=
cert=
+sig_dir=
while :; do
case "$1" in
-k|--key)
@@ -38,6 +39,10 @@
cert=$2
shift 2
;;
+ -s|--signatures)
+ sig_dir=$2
+ shift 2
+ ;;
-h|--help)
echo "$USAGE"
exit
@@ -47,13 +52,18 @@
break
esac
done
-if test -z "$key" -o -z "$cert"; then
- echo "$0: The --key and --certificate options are mandatory" >&2
- echo "$USAGE" >&2
- exit 1
+err=
+if test -n "$key" -a -n "$sig_dir"; then
+ err="Cannot use both --key and --signatures"
+elif test -z "$key" -a -z "$sig_dir"; then
+ err="Please specify either --key or --signatures"
+elif test -z "$cert"; then
+ err="Please specify --certificate"
+elif test "$#" -eq 0; then
+ err="No packages specified"
fi
-if test "$#" -eq 0; then
- echo "$0: No packages specified" >&2
+if test -n "$err"; then
+ echo "$0: $err" >&2
echo "$USAGE" >&2
exit 1
fi
@@ -107,9 +117,20 @@
done
set -e
echo "Signing kernel modules..."
-for module in $(find "$buildroot" -type f -name '*.ko'); do
- /usr/lib/rpm/pesign/kernel-sign-file \
- sha256 "$key" "$cert" "$module"
+for module in $(find "$buildroot" -type f -name '*.ko' -printf '%P\n'); do
+ if test -n "$key"; then
+ /usr/lib/rpm/pesign/kernel-sign-file \
+ sha256 "$key" "$cert" "$buildroot/$module"
+ else
+ raw_sig="$sig_dir/$module.sig"
+ if test ! -e "$raw_sig"; then
+ echo "$module.sig not found in $sig_dir" >&2
+ exit 1
+ fi
+ /usr/lib/rpm/pesign/kernel-sign-file \
+ -s "$raw_sig" sha256 "$cert" "$buildroot/$module"
+ fi
+
done
# Add the certificate
mkdir -p "$buildroot/etc/uefi/certs"
++++++ pesign-gen-repackage-spec ++++++
--- /var/tmp/diff_new_pack.s5xCpp/_old 2014-04-05 16:50:18.000000000 +0200
+++ /var/tmp/diff_new_pack.s5xCpp/_new 2014-04-05 16:50:18.000000000 +0200
@@ -122,14 +122,10 @@
obsoletes => "obsolete",
provides => "provide",
requires => "require",
- suggests => "suggests",
- enhances => "enhances",
-);
-
-# strong version of suggests and enhances
-my %dep2strong = (
- suggests => "recommends",
- enhances => "supplements",
+ suggests => "suggest",
+ enhances => "enhance",
+ recommends => "recommend",
+ supplements => "supplement",
);
# specfile scriptlet => rpm tag name
@@ -310,7 +306,6 @@
">" => (1 << 2),
"=" => (1 << 3),
rpmlib => (1 << 24),
- strong => (1 << 27),
);
sub print_deps {
@@ -319,11 +314,7 @@
foreach my $d (@$list) {
next if ($d->{flags} & $depflags{rpmlib});
- if ($d->{flags} & $depflags{strong}) {
- print SPEC $dep2strong{$depname};
- } else {
- print SPEC $depname;
- }
+ print SPEC $depname;
my @deptypes;
while (my ($type, $bit) = each(%deptypes)) {
push(@deptypes, $type) if $d->{flags} & $bit;
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
