OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/suse-build-key?expand=0&rev=1

2007-01-15 23:38:18 +00:00 · 2007-01-15 23:38:18 +00:00 · 639eed6be9
commit 639eed6be9
6 changed files with 337 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
 ## Default LFS
 *.7z filter=lfs diff=lfs merge=lfs -text
 *.bsp filter=lfs diff=lfs merge=lfs -text
 *.bz2 filter=lfs diff=lfs merge=lfs -text
 *.gem filter=lfs diff=lfs merge=lfs -text
 *.gz filter=lfs diff=lfs merge=lfs -text
 *.jar filter=lfs diff=lfs merge=lfs -text
 *.lz filter=lfs diff=lfs merge=lfs -text
 *.lzma filter=lfs diff=lfs merge=lfs -text
 *.obscpio filter=lfs diff=lfs merge=lfs -text
 *.oxt filter=lfs diff=lfs merge=lfs -text
 *.pdf filter=lfs diff=lfs merge=lfs -text
 *.png filter=lfs diff=lfs merge=lfs -text
 *.rpm filter=lfs diff=lfs merge=lfs -text
 *.tbz filter=lfs diff=lfs merge=lfs -text
 *.tbz2 filter=lfs diff=lfs merge=lfs -text
 *.tgz filter=lfs diff=lfs merge=lfs -text
 *.ttf filter=lfs diff=lfs merge=lfs -text
 *.txz filter=lfs diff=lfs merge=lfs -text
 *.whl filter=lfs diff=lfs merge=lfs -text
 *.xz filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
--- a/42
+++ b/42
@ -0,0 +1,42 @@
 #!/usr/bin/perl
 my $keyring='';
 $keyring="--no-default-keyring --keyring=$ARGV[0]" if $ARGV[0] ne '';
 my @line;
 my $ver;
 my $rel;
 my $name;
 open(GPG, "gpg $keyring --no-secmem-warning --list-sigs --list-options show-keyring --fixed-list-mode --with-colons |");
 while (<GPG>) {
  chomp;
  next unless /^pub:/;
  @line = split(':', $_);
  my $id = $line[4];
  $_ = <GPG>;
  chomp;
  next unless /^uid:/;
  @line = split(':', $_);
  $name = $line[9];
  while (1) {
    $_ = <GPG>;
    chomp;
    die unless /^sig:/;
    @line = split(':', $_);
    next if $line[4] ne $id;
    $ver = lc($id);
    $ver =~ s/.*(........)$/$1/;
    $rel = sprintf("%08x", $line[5]);
    last;
  }
  $names{"gpg-pubkey-$ver-$rel"} = $id;
 }
 close GPG;
 my $n;
 for $n (sort keys %names) {
  print "writing $n.asc\n";
  system("gpg $keyring --no-secmem-warning --export -a '$names{$n}' >$n.asc");
 }
--- a/0
+++ b/0
--- a/suse-build-key.changes
+++ b/suse-build-key.changes
@ -0,0 +1,117 @@
 -------------------------------------------------------------------
 Mon May 29 17:20:45 CEST 2006 - ro@suse.de
 - added new official provo dsa autobuild key ID 7E2E3B05
 -------------------------------------------------------------------
 Fri May 19 14:02:59 CEST 2006 - ro@suse.de
 - removed unused provo autobuild key
 - added new official provo autobuild key ID A1912208 
 -------------------------------------------------------------------
 Thu Apr 20 12:47:18 CEST 2006 - ro@suse.de
 - add dumpsigs script here to have _one_ place for the script 
 -------------------------------------------------------------------
 Fri Mar 31 16:53:02 CEST 2006 - ro@suse.de
 - added build@suse.de rsa key ID 307E3D54
 -------------------------------------------------------------------
 Wed Jan 25 21:47:54 CET 2006 - mls@suse.de
 - converted neededforbuild to BuildRequires
 -------------------------------------------------------------------
 Tue Oct 18 17:47:07 CEST 2005 - ro@suse.de
 - use correct provo autobuild key 
 -------------------------------------------------------------------
 Tue Oct 18 12:28:04 CEST 2005 - ro@suse.de
 - added provo autobuild signing key (#128128)
 - removed jds key 
 -------------------------------------------------------------------
 Fri May 27 14:47:30 CEST 2005 - mls@suse.de
 - added mktemp to PreReqs [#86177]
 -------------------------------------------------------------------
 Thu Apr 28 11:45:36 CEST 2005 - ro@suse.de
 - added JDS public key (15c17deb) 
 -------------------------------------------------------------------
 Tue Jan 25 18:10:26 CET 2005 - ro@suse.de
 - added OES public key (0dfb3188)
 -------------------------------------------------------------------
 Tue Jun 22 12:28:07 CEST 2004 - ro@suse.de
 - updated build key (expiration changed to 2008-06-21) (#42326)
 -------------------------------------------------------------------
 Tue Feb 24 12:19:49 CET 2004 - hmacht@suse.de
 - building as non-root
 -------------------------------------------------------------------
 Tue Sep  9 18:51:02 CEST 2003 - ro@suse.de
 - ignore return code from first gpg calls
 -------------------------------------------------------------------
 Tue Sep  9 18:23:07 MEST 2003 - draht@suse.de
 - call gpg twice without any arguments for proper initialization
  inside postinstall
 -------------------------------------------------------------------
 Tue Sep  9 17:43:55 MEST 2003 - draht@suse.de
 - use temp file instead of pipe due to resource race between two
  instances of gpg in %post.
 -------------------------------------------------------------------
 Thu Sep  5 04:56:32 CEST 2002 - draht@suse.de
 - package now installs key from package-owned file into the rpm
  pubring in %post to allow other key packages to add their keys.
 -------------------------------------------------------------------
 Tue Aug 20 10:46:52 CEST 2002 - mmj@suse.de
 - Correct PreReq
 -------------------------------------------------------------------
 Fri Jul 26 09:50:14 CEST 2002 - kukuk@suse.de
 - Change Provides from suse-build-key to build-key
 -------------------------------------------------------------------
 Thu Feb 21 00:10:52 MET 2002 - draht@suse.de
 - directory permission problem: 644 -> 755.
 -------------------------------------------------------------------
 Mon Feb 18 12:16:34 CET 2002 - ro@suse.de
 - moved to /usr/lib/rpm/gnupg/pubring.pgp
  rpm needs a directory as gpg_path and will use pubring.gpg
  in that directory 
 -------------------------------------------------------------------
 Wed Feb 13 20:45:46 MET 2002 - draht@suse.de
 - initial package. Contains 
  - pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
  - pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
  - sub  2048g/8495160C 2000-10-19 [expires: 2006-02-12]
--- a/suse-build-key.gpg
+++ b/suse-build-key.gpg
--- a/suse-build-key.spec
+++ b/suse-build-key.spec
@ -0,0 +1,155 @@
 #
 # spec file for package suse-build-key (Version 1.0)
 #
 # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
 # package are under the same license as the package itself.
 #
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 # norootforbuild
 Name:           suse-build-key
 BuildRequires:  gpg
 License:        GPL, Other License(s), see package
 Group:          System/Packages
 Provides:       build-key
 Requires:       gpg
 Autoreqprov:    off
 Summary:        The public gpg key for rpm package signature verification
 Version:        1.0
 Release:        686
 Source0:        suse-build-key.gpg
 Source1:        dumpsigs
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildArchitectures: noarch
 %define pubring  usr/lib/rpm/gnupg/pubring.gpg
 %define susering usr/lib/rpm/gnupg/suse-build-key.gpg
 PreReq:         sh-utils gpg fileutils mktemp
 %description
 This package contains the gpg key that is used to sign official SuSE
 rpm packages. It will be installed as a keyring in
 /usr/lib/rpm/gnupg/pubring.gpg. Administrators who wish to add their
 own keys to verify against should use the following commandline command
 to add the key to the keyring as used by RPM:
 gpg --no-options --no-default-keyring \ --keyring
 /usr/lib/rpm/gnupg/pubring.gpg --import
 %prep
 rm -f foobarnosuchfileordirectory
 #%setup
 %build
 %install
 rm -rf $RPM_BUILD_ROOT
 mkdir -p $RPM_BUILD_ROOT/usr/lib/rpm/gnupg
 install %{SOURCE0} $RPM_BUILD_ROOT/%{susering}
 install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg
 touch $RPM_BUILD_ROOT/%{pubring}
 touch $RPM_BUILD_ROOT/%{pubring}~
 %files
 %defattr(644,root,root)
 %attr(755,root,root) %dir /usr/lib/rpm/gnupg
 %attr(755,root,root) /usr/lib/rpm/gnupg/dumpsigs
 %config /%{susering}
 %ghost /%{pubring}
 %ghost /%{pubring}~
 %post
 if [ ! -f %{pubring} ]; then
    touch %{pubring}
 fi
 echo -n "importing SuSE build key to rpm keyring... "
 TF=`mktemp /tmp/gpg.XXXXXX`
 if [ -z "$TF" ]; then
  echo "suse-build-key::post: cannot make temporary file. Fatal error."
  exit 20
 fi
 if [ -z "$HOME" ]; then
  HOME=/root
 fi
 if [ ! -d "$HOME" ]; then
  mkdir "$HOME"
 fi
 gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true
 # no kidding... gpg won't initialize correctly without being called twice.
 gpg < /dev/null > /dev/null 2>&1 || true
 gpg < /dev/null > /dev/null 2>&1 || true
 gpg -q --batch --no-options --no-default-keyring --no-permission-warning \
         --keyring %{susering}    --export -a > $TF 
 a="$?"
 gpg -q --batch --no-options --no-default-keyring --no-permission-warning \
         --keyring %{pubring}   --import < $TF
 b="$?"
 rm -f "$TF"
 if [ "$a" = 0 -a "$b" = 0 ]; then
    echo "done."
 else
    echo "importing the key from the file %{susering}"
    echo "returned an error. This should not happen. It may not be possible"
    echo "to properly verify the authenticity of rpm packages from SuSE sources."
    echo "The keyring containing the SuSE rpm package signing key can be found"
    echo "in the root directory of the first CD (DVD) of your SuSE product."
    exit -1
 fi
 %changelog -n suse-build-key
 * Mon May 29 2006 - ro@suse.de
 - added new official provo dsa autobuild key ID 7E2E3B05
 * Fri May 19 2006 - ro@suse.de
 - removed unused provo autobuild key
 - added new official provo autobuild key ID A1912208
 * Thu Apr 20 2006 - ro@suse.de
 - add dumpsigs script here to have _one_ place for the script
 * Fri Mar 31 2006 - ro@suse.de
 - added build@suse.de rsa key ID 307E3D54
 * Wed Jan 25 2006 - mls@suse.de
 - converted neededforbuild to BuildRequires
 * Tue Oct 18 2005 - ro@suse.de
 - use correct provo autobuild key
 * Tue Oct 18 2005 - ro@suse.de
 - added provo autobuild signing key (#128128)
 - removed jds key
 * Fri May 27 2005 - mls@suse.de
 - added mktemp to PreReqs [#86177]
 * Thu Apr 28 2005 - ro@suse.de
 - added JDS public key (15c17deb)
 * Tue Jan 25 2005 - ro@suse.de
 - added OES public key (0dfb3188)
 * Tue Jun 22 2004 - ro@suse.de
 - updated build key (expiration changed to 2008-06-21) (#42326)
 * Tue Feb 24 2004 - hmacht@suse.de
 - building as non-root
 * Tue Sep 09 2003 - ro@suse.de
 - ignore return code from first gpg calls
 * Tue Sep 09 2003 - draht@suse.de
 - call gpg twice without any arguments for proper initialization
  inside postinstall
 * Tue Sep 09 2003 - draht@suse.de
 - use temp file instead of pipe due to resource race between two
  instances of gpg in %%post.
 * Thu Sep 05 2002 - draht@suse.de
 - package now installs key from package-owned file into the rpm
  pubring in %%post to allow other key packages to add their keys.
 * Tue Aug 20 2002 - mmj@suse.de
 - Correct PreReq
 * Fri Jul 26 2002 - kukuk@suse.de
 - Change Provides from suse-build-key to build-key
 * Thu Feb 21 2002 - draht@suse.de
 - directory permission problem: 644 -> 755.
 * Mon Feb 18 2002 - ro@suse.de
 - moved to /usr/lib/rpm/gnupg/pubring.pgp
  rpm needs a directory as gpg_path and will use pubring.gpg
  in that directory
 * Wed Feb 13 2002 - draht@suse.de
 - initial package. Contains
 - pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
 - pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
 - sub  2048g/8495160C 2000-10-19 [expires: 2006-02-12]