rpm/pesign-obs-integration
SHA256
1
0
Fork 0
forked from pool/pesign-obs-integration
Code Pull Requests Activity
pesign-obs-integration/pesign-obs-integration.spec
Joey Lee b63590e396 Accepting request 947877 from home:michals 
- Support signing grub on powerpc (jsc#SLE-18271 bsc#1192764).
   + 0001-Support-ppc-grub-signing-jsc-SLE-18271-bsc-1192764.patch
   + 0002-kernel-sign-file-Move-x509-parsing-into-a-function.patch
   + 0003-kernel-sign-file-Support-appending-verbatim-PKCS-7-s.patch
   + 0004-Add-padding-to-grub-signature-correctly-jsc-SLE-1827.patch

Add SLE bug references:
  * Add support for GZIP and ZSTD module compression (bsc#1188636)
  * Compress kernel modules in batch and in parallel (bsc#1188636)
  support kernel module compression (bsc#1135854, jsc#SLE-16661)

OBS-URL: https://build.opensuse.org/request/show/947877
OBS-URL: https://build.opensuse.org/package/show/Base:System/pesign-obs-integration?expand=0&rev=110
2022-01-22 10:58:17 +00:00

80 lines
2.9 KiB
RPMSpec
Raw Blame History

#
# spec file for package pesign-obs-integration
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# needssslcertforbuild
Name: pesign-obs-integration
Version: 10.2+git20210804.ff18da1
Release: 0
Summary: Macros and scripts to sign the kernel and bootloader
License: GPL-2.0-only
Group: Development/Tools/Other
URL: https://en.opensuse.org/openSUSE:UEFI_Image_File_Sign_Tools
Source: %{name}-%{version}.tar.gz
Patch1: 0001-Support-ppc-grub-signing-jsc-SLE-18271-bsc-1192764.patch
Patch2: 0002-kernel-sign-file-Move-x509-parsing-into-a-function.patch
Patch3: 0003-kernel-sign-file-Support-appending-verbatim-PKCS-7-s.patch
Patch4: 0004-Add-padding-to-grub-signature-correctly-jsc-SLE-1827.patch
BuildRequires: openssl
Requires: fipscheck
Requires: mozilla-nss-tools
Requires: openssl
# suse-module-tools <= 15.0.10 contains modsign-verify
Requires: suse-module-tools >= 15.0.10
%ifarch %{ix86} x86_64 ia64 aarch64 %{arm}
Requires: pesign
%endif
%description
This package provides scripts and rpm macros to automate signing of the
boot loader, kernel and kernel modules in the openSUSE Buildservice.
%prep
%setup -q -D
%autopatch -p1
%build
%install
mkdir -p %{buildroot}%{_prefix}/lib/rpm/brp-suse.d %{buildroot}%{_prefix}/lib/rpm/pesign
install pesign-gen-repackage-spec kernel-sign-file gen-hmac %{buildroot}%{_prefix}/lib/rpm/pesign
install brp-99-pesign %{buildroot}%{_prefix}/lib/rpm/brp-suse.d
# brp-99-compress-vmlinux has nothing to do with signing. It is packaged in
# pesign-obs-integration because this package is already used by the kernel
# build
install brp-99-compress-vmlinux %{buildroot}%{_prefix}/lib/rpm/brp-suse.d
install -m644 pesign-repackage.spec.in %{buildroot}%{_prefix}/lib/rpm/pesign
mkdir -p %{buildroot}%{_bindir}
install modsign-repackage %{buildroot}%{_bindir}/
install -pm 755 modsign-verify %{buildroot}%{_bindir}/
if test -e _projectcert.crt; then
openssl x509 -inform PEM -in _projectcert.crt \
-outform DER -out %{buildroot}%{_prefix}/lib/rpm/pesign/pesign-cert.x509
else
echo "No buildservice project certificate available"
fi
%files
%license COPYING
%doc README
%{_bindir}/modsign-repackage
%{_bindir}/modsign-verify
%{_prefix}/lib/rpm/*
%changelog
View Git Blame Copy Permalink