Gavin Beatty wrote:
Hello,
Apologies if this is silly/misplaced/misguided.
I'd like a way to automate decrypting (via gpg) a file, installing the
decrypted form and removing the temporary decrypted file from the
cmake dir.
I have tried:
<code>
MACRO(ETC_WPA_INSTALL src)
EXEC_PROGRAM(gpg
ARGS -o ${src} -d "${src}.encrypted"
)
INSTALL(FILES ${src}
DESTINATION /etc/wpa_supplicant
PERMISSIONS OWNER_READ OWNER_WRITE
RENAME wpa_supplicant.conf
)
FILE(REMOVE ${src})
ENDMACRO(ETC_WPA_INSTALL src)
</code>
but the INSTALL doesn't actually run until `make install` (as
expected) whereas everything else does. So I get a decrypted file
which is immediately removed when I run `cmake .`! How silly of me
Is there a way to have the decryption as a dependency of install
target and have the removal at the end also?
How would you implement this?
Something to think about:
You want to decrypt and install the file without leaving it around in
the build dir. Why? If you're doing an install, the person installing it
should be root and therefore trustworthy (they'll have read access to
/etc/wpa_supplicant.conf, anyway). Then there's the problem of the
decryption key. If your build system can get this key, surely the user
can, too.
Killing the make process at the right moment would leave the decrypted
file lying around, as well.
Is what you think you want what you actually need?
Perhaps you should look at INSTALL(CODE "<Some CMake Code>") which
executes CMake code during installation. I'll stab in the dark here with:
FIND_PROGRAM(INSTALL_EXECUTABLE install)
IF(NOT INSTALL_EXECUTABLE)
# Die, somehow
ENDIF(NOT INSTALL_EXECUTABLE)
FIND_PROGRAM(GPG_EXECUTABLE gpg)
IF(NOT GPG_EXECUTABLE)
# Die
ENDIF(NOT GPG_EXECUTABLE)
MACRO(ETC_WPA_INSTALL FILE)
EXEC_PROGRAM(${GPG_EXECUTABLE} ARGS -o ${FILE} -d ${FILE}.encrypted)
EXEC_PROGRAM(${INSTALL_EXECUTABLE) -m 600 ${FILE}
/etc/wpa_supplicant/wpa_supplicant.conf)
FILE(REMOVE ${FILE})
ENDMACRO(ETC_WPA_INSTALL)
INSTALL(CODE "ETC_WPA_INSTALL(file)")
This isn't so great because it depends on an install program, but it
might get you thinking.
-- Jack
_______________________________________________
CMake mailing list
[email protected]
http://www.cmake.org/mailman/listinfo/cmake
