summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore8
-rw-r--r--.gnupg/gpg.conf196
-rw-r--r--.makepkg.conf8
-rw-r--r--.ssh/authorized_keys0
-rw-r--r--bin/autobuild.c56
-rwxr-xr-xbin/autobuild.sh88
-rwxr-xr-xbin/setup22
7 files changed, 378 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..39325fa
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,8 @@
+/packages/
+
+/.ssh/id_*
+
+/.gnupg/*
+!/.gnupg/gpg.conf
+
+*~
diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf
new file mode 100644
index 0000000..942678f
--- /dev/null
+++ b/.gnupg/gpg.conf
@@ -0,0 +1,196 @@
+# Options for GnuPG
+# Copyright 1998, 1999, 2000, 2001, 2002, 2003,
+# 2010 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Unless you specify which option file to use (with the command line
+# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
+# by default.
+#
+# An options file can contain any long options which are available in
+# GnuPG. If the first non white space character of a line is a '#',
+# this line is ignored. Empty lines are also ignored.
+#
+# See the man page for a list of options.
+
+# Uncomment the following option to get rid of the copyright notice
+
+#no-greeting
+
+# If you have more than 1 secret key in your keyring, you may want to
+# uncomment the following option and set your preferred keyid.
+
+#default-key 621CC013
+
+# If you do not pass a recipient to gpg, it will ask for one. Using
+# this option you can encrypt to a default key. Key validation will
+# not be done in this case. The second form uses the default key as
+# default recipient.
+
+#default-recipient some-user-id
+#default-recipient-self
+
+# By default GnuPG creates version 4 signatures for data files as
+# specified by OpenPGP. Some earlier (PGP 6, PGP 7) versions of PGP
+# require the older version 3 signatures. Setting this option forces
+# GnuPG to create version 3 signatures.
+
+#force-v3-sigs
+
+# Because some mailers change lines starting with "From " to ">From "
+# it is good to handle such lines in a special way when creating
+# cleartext signatures; all other PGP versions do it this way too.
+# To enable full OpenPGP compliance you may want to use this option.
+
+#no-escape-from-lines
+
+# When verifying a signature made from a subkey, ensure that the cross
+# certification "back signature" on the subkey is present and valid.
+# This protects against a subtle attack against subkeys that can sign.
+# Defaults to --no-require-cross-certification. However for new
+# installations it should be enabled.
+
+require-cross-certification
+
+
+# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell
+# GnuPG which is the native character set. Please check the man page
+# for supported character sets. This character set is only used for
+# metadata and not for the actual message which does not undergo any
+# translation. Note that future version of GnuPG will change to UTF-8
+# as default character set.
+
+#charset utf-8
+
+# Group names may be defined like this:
+# group mynames = paige 0x12345678 joe patti
+#
+# Any time "mynames" is a recipient (-r or --recipient), it will be
+# expanded to the names "paige", "joe", and "patti", and the key ID
+# "0x12345678". Note there is only one level of expansion - you
+# cannot make an group that points to another group. Note also that
+# if there are spaces in the recipient name, this will appear as two
+# recipients. In these cases it is better to use the key ID.
+
+#group mynames = paige 0x12345678 joe patti
+
+# Some old Windows platforms require 8.3 filenames. If your system
+# can handle long filenames, uncomment this.
+
+#no-mangle-dos-filenames
+
+# Lock the file only once for the lifetime of a process. If you do
+# not define this, the lock will be obtained and released every time
+# it is needed - normally this is not needed.
+
+#lock-once
+
+# GnuPG can send and receive keys to and from a keyserver. These
+# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP
+# support).
+#
+# Example HKP keyservers:
+# hkp://keys.gnupg.net
+#
+# Example LDAP keyservers:
+# ldap://pgp.surfnet.nl:11370
+#
+# Regular URL syntax applies, and you can set an alternate port
+# through the usual method:
+# hkp://keyserver.example.net:22742
+#
+# If you have problems connecting to a HKP server through a buggy http
+# proxy, you can use keyserver option broken-http-proxy (see below),
+# but first you should make sure that you have read the man page
+# regarding proxies (keyserver option honor-http-proxy)
+#
+# Most users just set the name and type of their preferred keyserver.
+# Note that most servers (with the notable exception of
+# ldap://keyserver.pgp.com) synchronize changes with each other. Note
+# also that a single server name may actually point to multiple
+# servers via DNS round-robin. hkp://keys.gnupg.net is an example of
+# such a "server", which spreads the load over a number of physical
+# servers. To see the IP address of the server actually used, you may use
+# the "--keyserver-options debug".
+
+keyserver hkp://keys.gnupg.net
+#keyserver http://http-keys.gnupg.net
+#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
+
+# Common options for keyserver functions:
+#
+# include-disabled = when searching, include keys marked as "disabled"
+# on the keyserver (not all keyservers support this).
+#
+# no-include-revoked = when searching, do not include keys marked as
+# "revoked" on the keyserver.
+#
+# verbose = show more information as the keys are fetched.
+# Can be used more than once to increase the amount
+# of information shown.
+#
+# use-temp-files = use temporary files instead of a pipe to talk to the
+# keyserver. Some platforms (Win32 for one) always
+# have this on.
+#
+# keep-temp-files = do not delete temporary files after using them
+# (really only useful for debugging)
+#
+# honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy
+# environment variable
+#
+# broken-http-proxy = try to work around a buggy HTTP proxy
+#
+# auto-key-retrieve = automatically fetch keys as needed from the keyserver
+# when verifying signatures or when importing keys that
+# have been revoked by a revocation key that is not
+# present on the keyring.
+#
+# no-include-attributes = do not include attribute IDs (aka "photo IDs")
+# when sending keys to the keyserver.
+
+#keyserver-options auto-key-retrieve
+
+# Uncomment this line to display photo user IDs in key listings and
+# when a signature from a key with a photo is verified.
+
+#show-photos
+
+# Use this program to display photo user IDs
+#
+# %i is expanded to a temporary file that contains the photo.
+# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
+# %k is expanded to the key ID of the key.
+# %K is expanded to the long OpenPGP key ID of the key.
+# %t is expanded to the extension of the image (e.g. "jpg").
+# %T is expanded to the MIME type of the image (e.g. "image/jpeg").
+# %f is expanded to the fingerprint of the key.
+# %% is %, of course.
+#
+# If %i or %I are not present, then the photo is supplied to the
+# viewer on standard input. If your platform supports it, standard
+# input is the best way to do this as it avoids the time and effort in
+# generating and then cleaning up a secure temp file.
+#
+# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
+# On Mac OS X and Windows, the default is to use your regular JPEG image
+# viewer.
+#
+# Some other viewers:
+# photo-viewer "qiv %i"
+# photo-viewer "ee %i"
+# photo-viewer "display -title 'KeyID 0x%k'"
+#
+# This one saves a copy of the photo ID in your home directory:
+# photo-viewer "cat > ~/photoid-for-key-%k.%t"
+#
+# Use your MIME handler to view photos:
+# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
+
diff --git a/.makepkg.conf b/.makepkg.conf
new file mode 100644
index 0000000..b7245f8
--- /dev/null
+++ b/.makepkg.conf
@@ -0,0 +1,8 @@
+PKGDEST="${HOME}/packages/pkgdest"
+SRCDEST="${HOME}/packages/srcdest"
+SRCPKGDEST="${HOME}/packages/srcpkgdest"
+LOGDEST="${HOME}/packages/logdest"
+BUILDDIR="${HOME}/packages/builddir"
+
+PACKAGER="Parabola automatic package builder <dev@lists.parabolagnulinux.org>"
+GPGKEY=$({ sed -nr 's/^\s*default-key\s+//p' "${HOME}/.gnupg/gpg.conf"; gpg --list-keys|sed -rn 's:^pub\s[^/]*/(\S*)\s.*:\1:p'; }|sed 1q)
diff --git a/.ssh/authorized_keys b/.ssh/authorized_keys
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/.ssh/authorized_keys
diff --git a/bin/autobuild.c b/bin/autobuild.c
new file mode 100644
index 0000000..86d164c
--- /dev/null
+++ b/bin/autobuild.c
@@ -0,0 +1,56 @@
+/* Copyright (C) 2014 Luke Shumaker <lukeshu@sbcglobal.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#define _GNU_SOURCE /* for unsetenv(3) */
+#include <alloca.h> /* for alloca(3) */
+#include <errno.h> /* for errno */
+#include <error.h> /* for error(3) */
+#include <pwd.h> /* for getpwuid(3) */
+#include <stdio.h> /* for printf(3) */
+#include <stdlib.h> /* for unsetenv(3) */
+#include <string.h> /* for strlen(3), strcpy(3) */
+#include <unistd.h> /* for dup2(3), geteuid(3), execl(3) */
+
+void
+usage(const char *cmd)
+{
+ printf("Usage: %s PACKAGE\n", cmd);
+ printf("This command should be run from the git directory of the package source.");
+}
+
+int
+main(int argc, char **argv)
+{
+ if (argc != 2) {
+ dup2(2,1);
+ usage(argv[0]);
+ return 1;
+ }
+
+ const char *home = getpwuid(geteuid())->pw_dir;
+ const char *script_suffix = "/bin/autobuild.sh";
+ char *script = alloca(strlen(home)+strlen(script_suffix));
+ strcpy(script, home);
+ strcpy(&(script[strlen(home)]), script_suffix);
+
+ unsetenv("IFS");
+ unsetenv("PATH");
+ unsetenv("LD_PRELOAD");
+ unsetenv("BASH_ENV");
+
+ execl(script, script, argv[1], NULL);
+ error(127, errno, "%s", script);
+}
diff --git a/bin/autobuild.sh b/bin/autobuild.sh
new file mode 100755
index 0000000..ccf52ea
--- /dev/null
+++ b/bin/autobuild.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+# Copyright (C) 2014 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# Get the date as the *very* first thing
+newpkgver_date=$(LC_ALL=C date -u +%Y%m%d)
+
+################################################################################
+. "$(librelib messages)"
+setup_traps
+
+# Option parsing
+if [[ $# != 1 ]]; then
+ die "%q takes exactly 1 argument" "$0"
+fi
+PACKAGE=$1
+package_re='^[^/]+/[^/]+$'
+if ! [[ $PACKAGE =~ $package_re ]]; then
+ die "PACKAGE must be in the format REPO/PKGBASE: %s" "$PACKAGE"
+fi
+
+# init
+lock 9 "${HOME}/packages/lockdir/${PACKAGE}" "Waiting for previous run of %q to finish" "$0"
+
+. "$(librelib conf)" || exit 1
+load_files libretools || exit 1
+check_vars libretools WORKDIR ABSLIBRERECV ABSLIBRESEND || exit 1
+
+if [[ $PWD != *.git ]]; then
+ die "should be run as a hook from a git repository"
+fi
+newgitver=$(git log -n1 --format='%H' master -- blacklist.txt)
+
+# Get the ABSLibre tree
+gitget -f -p "$ABSLIBRESEND" checkout "$ABSLIBRERECV" "$WORKDIR/abslibre"
+if [[ -f "${WORKDIR}/abslibre/${PACKAGE}/PKGBUILD" ]]; then
+ die "package does not exist in abslibre.git: %s" "$PACKAGE"
+fi
+cd "$WORKDIR/abslibre/${PACKAGE}"
+
+# Figure out info about the last version
+oldgitver=$(sed -n 's/^_gitver=//p' PKGBUILD)
+oldpkgver=$(sed -n 's/^pkgver=//p' PKGBUILD)
+oldpkgver_date=${oldpkgver%%.*}
+oldpkgver_rel=${oldpkgver#${oldpkgver_date}}; oldpkgver_rel=${oldpkgver_rel#.} oldpkgver_rel=${oldpkgver_rel:-0}
+
+# Make sure we actually have changes
+if [[ "$newgitver" == "$oldgitver" ]]; then
+ msg 'blacklist.txt has not changed, nothing to do'
+ exit 0
+fi
+
+# Handle doing multiple versions in the same day
+if [[ "$newpkgver_date" == "$oldpkgver_date" ]]; then
+ declare -i newpkgver_rel=${oldpkgver_rel}+1
+ newpkgver=${newpkgver_date}.${newpkgver_rel}
+else
+ newpkgver=${newpkgver_date}
+fi
+
+# Update the PKGBUILD
+sed -i -e 's|^pkgver=.*|pkgver=${newpkgver}|' \
+ -e 's|^_gitver=.*|_gitver=${newgitver}|' \
+ -e 's|^pkgrel=.*|pkgrel=1|' \
+ PKGBUILD
+updpkgsums
+git add PKGBUILD
+git commit -m 'Update libre/your-freedom'
+
+# Build the new package
+makepkg
+librestage libre
+
+# Publish the updates
+git push
+librerelease
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..ea6b92c
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,22 @@
+#!/usr/bin/make -f
+
+CFLAGS += -std=c99 -Wall -Wextra -Werror
+
+all: $(HOME)/bin/autobuild $(HOME)/.ssh/id_rsa $(HOME)/.ssh/id_rsa.pub $(HOME)/.gnupg/secring.gpg
+
+$(HOME)/bin/autobuild: $(HOME)/bin/autobuild.c
+ $(CC) $(CPPFLAGS) $(CFLAGS) -c $< -o $@ && chmod 6755 $@
+
+$(HOME)/.ssh/id_rsa $(HOME)/.ssh/id_rsa.pub:
+ ssh-keygen -N '' -f $@
+
+$(HOME)/.gnupg/secring.gpg:
+ printf '%s\n' \
+ 'Key-Type: default' \
+ 'Subkey-Type: default' \
+ 'Name-Real: Parabola automatic package builder' \
+ 'Name-Email: dev@lists.parabolagnulinux.org' \
+ 'Expire-Date: 0' \
+ | gpg --gen-key --batch
+
+.DELETE_ON_ERROR: