[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- To: undisclosed-recipients:;
- Subject: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- From: Pierre Pronchery <khorben@xxxxxxxxxxx>
- Date: Fri, 30 Aug 2013 01:26:23 +0200
- Delivered-to: edgebsd-developers@xxxxxxxxxxxxxxxxx
- List-archive: http://lists.edgebsd.org/edgebsd-developers/
- List-help: <mailto:minimalist@lists.edgebsd.org?subject=help>
- List-id: <edgebsd-developers.lists.edgebsd.org>
- List-owner: <mailto:edgebsd-developers-owner@lists.edgebsd.org>
- List-post: <mailto:edgebsd-developers@lists.edgebsd.org>
- List-subscribe: <mailto:minimalist@lists.edgebsd.org?subject=subscribe%20edgebsd-developers>
- List-unsubscribe: <mailto:minimalist@lists.edgebsd.org?subject=unsubscribe%20edgebsd-developers>
--- mk/defaults/mk.conf | 15 +++++++++++++++ mk/pkgformat/pkg/package.mk | 12 ++++++++++++ 2 files changed, 27 insertions(+), 0 deletions(-) diff --git a/mk/defaults/mk.conf b/mk/defaults/mk.conf index 46b89a2..86e4f06 100644 --- a/mk/defaults/mk.conf +++ b/mk/defaults/mk.conf @@ -60,6 +60,21 @@ GZIP?= -9 # Possible: not defined, no # Default: yes +#SIGN_PACKAGES= +# sign the packages generated (when supported) with the method specified. +# Possible: gpg, x509, not defined +# Default: not defined + +#X509_KEY= +# key to use when signing packages with an X509 certificate. +# Possible: pathname to the key file, not defined +# Default: not defined + +#X509_CERTIFICATE= +# certificate to use when signing packages with an X509 certificate. +# Possible: pathname to the X509 certificate, not defined +# Default: not defined + #OBJHOSTNAME= # use hostname-specific object directories, e.g. work.amnesiac, work.localhost # OBJHOSTNAME takes precedence over OBJMACHINE (see below). diff --git a/mk/pkgformat/pkg/package.mk b/mk/pkgformat/pkg/package.mk index bfbfe57..3a0175b 100644 --- a/mk/pkgformat/pkg/package.mk +++ b/mk/pkgformat/pkg/package.mk @@ -77,12 +77,24 @@ ${STAGE_PKGFILE}: ${_CONTENTS_TARGETS} fi .if ${_USE_DESTDIR} != "no" +.if !empty(SIGN_PACKAGES:Mgpg) +${PKGFILE}: ${STAGE_PKGFILE} + ${RUN} ${MKDIR} ${.TARGET:H} + @${STEP_MSG} "Creating signed binary package ${.TARGET}" + ${PKG_ADMIN} gpg-sign-package ${STAGE_PKGFILE} ${PKGFILE} +.elif !empty(SIGN_PACKAGES:Mx509) +${PKGFILE}: ${STAGE_PKGFILE} + ${RUN} ${MKDIR} ${.TARGET:H} + @${STEP_MSG} "Creating signed binary package ${.TARGET}" + ${PKG_ADMIN} x509-sign-package ${STAGE_PKGFILE} ${PKGFILE} ${X509_KEY} ${X509_CERTIFICATE} +.else ${PKGFILE}: ${STAGE_PKGFILE} ${RUN} ${MKDIR} ${.TARGET:H} @${STEP_MSG} "Creating binary package ${.TARGET}" ${LN} -f ${STAGE_PKGFILE} ${PKGFILE} 2>/dev/null || \ ${CP} -pf ${STAGE_PKGFILE} ${PKGFILE} .endif +.endif ###################################################################### ### package-remove (PRIVATE) -- 1.7.2.5
EdgeBSD developers <edgebsd-developers@xxxxxxxxxxxxxxxxx>
- Prev by Date: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Next by Date: Re: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Previous by thread: Re: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Index(es):