From ee34869e8934fe55562a84c4eac055256b7c42f0 Mon Sep 17 00:00:00 2001 From: Geoffroy Carrier Date: Mon, 2 Jun 2008 10:27:00 +0200 Subject: Add GPG signature support to makepkg This is a rather simple patch to add signing support to makepkg. Add a create_signature() to makepkg, add a 'sign' BUILDENV option in makepkg.conf, and document the changes in the makepkg.conf manpage. Signed-off-by: Geoffroy Carrier Signed-off-by: Dan McGee --- doc/makepkg.conf.5.txt | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt index 61302492..a9faa14d 100644 --- a/doc/makepkg.conf.5.txt +++ b/doc/makepkg.conf.5.txt @@ -70,7 +70,7 @@ Options This is often used to set the number of jobs used, for example, `-j2`. Other flags that make accepts can also be passed. -**BUILDENV=(**fakeroot !distcc color !ccache**)**:: +**BUILDENV=(**fakeroot !distcc color !ccache !sign**)**:: This array contains options that affect the build environment, the defaults are shown here. All options should always be left in the array; to enable or disable an option simply remove or place an ``!'' at the front of the @@ -98,6 +98,13 @@ Options enabled or disabled for individual packages through the use of makepkg's `--check` and `--nocheck` options respectively. + *sign*;; + Generate a PGP signature file using GnuPG. This will execute `gpg + --detach-sign --use-agent` on the built package to generate a detached + signature file, using the GPG agent if it is available. The signature + file will be the entire filename of the package with a ``.sig'' + extension. + **DISTCC_HOSTS=**"host1 ...":: If using DistCC, this is used to specify a space-delimited list of hosts running in the DistCC cluster. In addition, you will want to modify your -- cgit v1.2.3-54-g00ecf From a4120f2015ae4d5880642e16c81acadbab77555d Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 24 Aug 2009 13:23:44 -0500 Subject: repo-add: allow signing of the package database In order to be fully secure, we can't only sign packages. We also need to sign our repository metadata to prevent database falsification, dependency injection, etc. Add an '-s/--sign' option that allows this functionality, and will generate a .sig file side-by-side with the package database. While at it, fix the issue where a signature file would never be found because of 'cd' madness (this needs fixing in another commit). Signed-off-by: Dan McGee --- doc/repo-add.8.txt | 7 +++++++ scripts/repo-add.sh.in | 23 +++++++++++++++++++++++ 2 files changed, 30 insertions(+) (limited to 'doc') diff --git a/doc/repo-add.8.txt b/doc/repo-add.8.txt index 75f49ef5..26009f67 100644 --- a/doc/repo-add.8.txt +++ b/doc/repo-add.8.txt @@ -43,6 +43,13 @@ Options Force this program to keep quiet and run silent except for warning and error messages. +*-s, \--sign*:: + Generate a PGP signature file using GnuPG. This will execute `gpg + --detach-sign --use-agent` on the generated database to generate a detached + signature file, using the GPG agent if it is available. The signature file + will be the entire filename of the database with a ``.sig'' extension. + + See Also -------- linkman:makepkg[8], linkman:pacman[8] diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 70cfd63c..ebe226a1 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -30,6 +30,7 @@ confdir='@sysconfdir@' QUIET=0 DELTA=0 WITHFILES=0 +SIGN=0 REPO_DB_FILE= LOCKFILE= CLEAN_LOCK=0 @@ -184,6 +185,24 @@ db_remove_delta() return 1 } # end db_remove_delta +# sign the package database once repackaged +create_signature() { + (( ! SIGN )) && return + local dbfile="$1" + local ret=0 + msg "$(gettext "Signing database...")" + if [ ! $(type -p "gpg") ]; then + error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")" + exit 1 # $E_MISSING_PROGRAM + fi + gpg --detach-sign --use-agent "$dbfile" || ret=$? + if (( ! ret )); then + msg2 "$(gettext "Created signature file %s.")" "$dbfile.sig" + else + warning "$(gettext "Failed to sign package database.")" + fi +} + # write an entry to the pacman database # arg1 - path to package db_write_entry() @@ -488,6 +507,7 @@ for arg in "$@"; do -q|--quiet) QUIET=1;; -d|--delta) DELTA=1;; -f|--files) WITHFILES=1;; + -s|--sign) SIGN=1;; *) if [[ -z $REPO_DB_FILE ]]; then REPO_DB_FILE="$arg" @@ -520,6 +540,7 @@ if (( success )); then pushd "$tmpdir" >/dev/null if [[ -n $(ls) ]]; then bsdtar -c${TAR_OPT}f "$filename" * + create_signature "$filename" else # we have no packages remaining? zip up some emptyness warning "$(gettext "No packages remain, creating empty database.")" @@ -528,7 +549,9 @@ if (( success )); then popd >/dev/null [[ -f $REPO_DB_FILE ]] && mv -f "$REPO_DB_FILE" "${REPO_DB_FILE}.old" + [[ -f $REPO_DB_FILE.sig ]] && rm -f "$REPO_DB_FILE.sig" [[ -f $tmpdir/$filename ]] && mv "$tmpdir/$filename" "$REPO_DB_FILE" + [[ -f $tmpdir/$filename.sig ]] && mv "$tmpdir/$filename.sig" "$REPO_DB_FILE.sig" dblink="${REPO_DB_FILE%.tar.*}" target=${REPO_DB_FILE##*/} ln -sf "$target" "$dblink" 2>/dev/null || \ -- cgit v1.2.3-54-g00ecf