commit 9c46be4ed5818a01200acd0baee4bb17a89dbffb057a0cade84effdbd476c022 Author: OBS User unknown Date: Mon Jan 15 23:38:18 2007 +0000 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/suse-build-key?expand=0&rev=1 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/dumpsigs b/dumpsigs new file mode 100644 index 0000000..87ee3a6 --- /dev/null +++ b/dumpsigs @@ -0,0 +1,42 @@ +#!/usr/bin/perl + +my $keyring=''; + +$keyring="--no-default-keyring --keyring=$ARGV[0]" if $ARGV[0] ne ''; + +my @line; +my $ver; +my $rel; +my $name; + +open(GPG, "gpg $keyring --no-secmem-warning --list-sigs --list-options show-keyring --fixed-list-mode --with-colons |"); +while () { + chomp; + next unless /^pub:/; + @line = split(':', $_); + my $id = $line[4]; + $_ = ; + chomp; + next unless /^uid:/; + @line = split(':', $_); + $name = $line[9]; + while (1) { + $_ = ; + chomp; + die unless /^sig:/; + @line = split(':', $_); + next if $line[4] ne $id; + $ver = lc($id); + $ver =~ s/.*(........)$/$1/; + $rel = sprintf("%08x", $line[5]); + last; + } + $names{"gpg-pubkey-$ver-$rel"} = $id; +} +close GPG; +my $n; + +for $n (sort keys %names) { + print "writing $n.asc\n"; + system("gpg $keyring --no-secmem-warning --export -a '$names{$n}' >$n.asc"); +} diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4 diff --git a/suse-build-key.changes b/suse-build-key.changes new file mode 100644 index 0000000..4757ec9 --- /dev/null +++ b/suse-build-key.changes @@ -0,0 +1,117 @@ +------------------------------------------------------------------- +Mon May 29 17:20:45 CEST 2006 - ro@suse.de + +- added new official provo dsa autobuild key ID 7E2E3B05 + +------------------------------------------------------------------- +Fri May 19 14:02:59 CEST 2006 - ro@suse.de + +- removed unused provo autobuild key +- added new official provo autobuild key ID A1912208 + +------------------------------------------------------------------- +Thu Apr 20 12:47:18 CEST 2006 - ro@suse.de + +- add dumpsigs script here to have _one_ place for the script + +------------------------------------------------------------------- +Fri Mar 31 16:53:02 CEST 2006 - ro@suse.de + +- added build@suse.de rsa key ID 307E3D54 + +------------------------------------------------------------------- +Wed Jan 25 21:47:54 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Tue Oct 18 17:47:07 CEST 2005 - ro@suse.de + +- use correct provo autobuild key + +------------------------------------------------------------------- +Tue Oct 18 12:28:04 CEST 2005 - ro@suse.de + +- added provo autobuild signing key (#128128) +- removed jds key + +------------------------------------------------------------------- +Fri May 27 14:47:30 CEST 2005 - mls@suse.de + +- added mktemp to PreReqs [#86177] + +------------------------------------------------------------------- +Thu Apr 28 11:45:36 CEST 2005 - ro@suse.de + +- added JDS public key (15c17deb) + +------------------------------------------------------------------- +Tue Jan 25 18:10:26 CET 2005 - ro@suse.de + +- added OES public key (0dfb3188) + +------------------------------------------------------------------- +Tue Jun 22 12:28:07 CEST 2004 - ro@suse.de + +- updated build key (expiration changed to 2008-06-21) (#42326) + +------------------------------------------------------------------- +Tue Feb 24 12:19:49 CET 2004 - hmacht@suse.de + +- building as non-root + +------------------------------------------------------------------- +Tue Sep 9 18:51:02 CEST 2003 - ro@suse.de + +- ignore return code from first gpg calls + +------------------------------------------------------------------- +Tue Sep 9 18:23:07 MEST 2003 - draht@suse.de + +- call gpg twice without any arguments for proper initialization + inside postinstall + +------------------------------------------------------------------- +Tue Sep 9 17:43:55 MEST 2003 - draht@suse.de + +- use temp file instead of pipe due to resource race between two + instances of gpg in %post. + +------------------------------------------------------------------- +Thu Sep 5 04:56:32 CEST 2002 - draht@suse.de + +- package now installs key from package-owned file into the rpm + pubring in %post to allow other key packages to add their keys. + +------------------------------------------------------------------- +Tue Aug 20 10:46:52 CEST 2002 - mmj@suse.de + +- Correct PreReq + +------------------------------------------------------------------- +Fri Jul 26 09:50:14 CEST 2002 - kukuk@suse.de + +- Change Provides from suse-build-key to build-key + +------------------------------------------------------------------- +Thu Feb 21 00:10:52 MET 2002 - draht@suse.de + +- directory permission problem: 644 -> 755. + +------------------------------------------------------------------- +Mon Feb 18 12:16:34 CET 2002 - ro@suse.de + +- moved to /usr/lib/rpm/gnupg/pubring.pgp + rpm needs a directory as gpg_path and will use pubring.gpg + in that directory + +------------------------------------------------------------------- +Wed Feb 13 20:45:46 MET 2002 - draht@suse.de + +- initial package. Contains + - pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team + + - pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key + - sub 2048g/8495160C 2000-10-19 [expires: 2006-02-12] + + diff --git a/suse-build-key.gpg b/suse-build-key.gpg new file mode 100644 index 0000000..4dc075d Binary files /dev/null and b/suse-build-key.gpg differ diff --git a/suse-build-key.spec b/suse-build-key.spec new file mode 100644 index 0000000..9a7ab02 --- /dev/null +++ b/suse-build-key.spec @@ -0,0 +1,155 @@ +# +# spec file for package suse-build-key (Version 1.0) +# +# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +# norootforbuild + +Name: suse-build-key +BuildRequires: gpg +License: GPL, Other License(s), see package +Group: System/Packages +Provides: build-key +Requires: gpg +Autoreqprov: off +Summary: The public gpg key for rpm package signature verification +Version: 1.0 +Release: 686 +Source0: suse-build-key.gpg +Source1: dumpsigs +BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildArchitectures: noarch +%define pubring usr/lib/rpm/gnupg/pubring.gpg +%define susering usr/lib/rpm/gnupg/suse-build-key.gpg +PreReq: sh-utils gpg fileutils mktemp + +%description +This package contains the gpg key that is used to sign official SuSE +rpm packages. It will be installed as a keyring in +/usr/lib/rpm/gnupg/pubring.gpg. Administrators who wish to add their +own keys to verify against should use the following commandline command +to add the key to the keyring as used by RPM: + +gpg --no-options --no-default-keyring \ --keyring +/usr/lib/rpm/gnupg/pubring.gpg --import + + + +%prep +rm -f foobarnosuchfileordirectory +#%setup + +%build + +%install +rm -rf $RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT/usr/lib/rpm/gnupg +install %{SOURCE0} $RPM_BUILD_ROOT/%{susering} +install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg +touch $RPM_BUILD_ROOT/%{pubring} +touch $RPM_BUILD_ROOT/%{pubring}~ + +%files +%defattr(644,root,root) +%attr(755,root,root) %dir /usr/lib/rpm/gnupg +%attr(755,root,root) /usr/lib/rpm/gnupg/dumpsigs +%config /%{susering} +%ghost /%{pubring} +%ghost /%{pubring}~ + +%post +if [ ! -f %{pubring} ]; then + touch %{pubring} +fi +echo -n "importing SuSE build key to rpm keyring... " +TF=`mktemp /tmp/gpg.XXXXXX` +if [ -z "$TF" ]; then + echo "suse-build-key::post: cannot make temporary file. Fatal error." + exit 20 +fi +if [ -z "$HOME" ]; then + HOME=/root +fi +if [ ! -d "$HOME" ]; then + mkdir "$HOME" +fi +gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true +# no kidding... gpg won't initialize correctly without being called twice. +gpg < /dev/null > /dev/null 2>&1 || true +gpg < /dev/null > /dev/null 2>&1 || true +gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ + --keyring %{susering} --export -a > $TF +a="$?" +gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ + --keyring %{pubring} --import < $TF +b="$?" +rm -f "$TF" +if [ "$a" = 0 -a "$b" = 0 ]; then + echo "done." +else + echo "importing the key from the file %{susering}" + echo "returned an error. This should not happen. It may not be possible" + echo "to properly verify the authenticity of rpm packages from SuSE sources." + echo "The keyring containing the SuSE rpm package signing key can be found" + echo "in the root directory of the first CD (DVD) of your SuSE product." + exit -1 +fi + +%changelog -n suse-build-key +* Mon May 29 2006 - ro@suse.de +- added new official provo dsa autobuild key ID 7E2E3B05 +* Fri May 19 2006 - ro@suse.de +- removed unused provo autobuild key +- added new official provo autobuild key ID A1912208 +* Thu Apr 20 2006 - ro@suse.de +- add dumpsigs script here to have _one_ place for the script +* Fri Mar 31 2006 - ro@suse.de +- added build@suse.de rsa key ID 307E3D54 +* Wed Jan 25 2006 - mls@suse.de +- converted neededforbuild to BuildRequires +* Tue Oct 18 2005 - ro@suse.de +- use correct provo autobuild key +* Tue Oct 18 2005 - ro@suse.de +- added provo autobuild signing key (#128128) +- removed jds key +* Fri May 27 2005 - mls@suse.de +- added mktemp to PreReqs [#86177] +* Thu Apr 28 2005 - ro@suse.de +- added JDS public key (15c17deb) +* Tue Jan 25 2005 - ro@suse.de +- added OES public key (0dfb3188) +* Tue Jun 22 2004 - ro@suse.de +- updated build key (expiration changed to 2008-06-21) (#42326) +* Tue Feb 24 2004 - hmacht@suse.de +- building as non-root +* Tue Sep 09 2003 - ro@suse.de +- ignore return code from first gpg calls +* Tue Sep 09 2003 - draht@suse.de +- call gpg twice without any arguments for proper initialization + inside postinstall +* Tue Sep 09 2003 - draht@suse.de +- use temp file instead of pipe due to resource race between two + instances of gpg in %%post. +* Thu Sep 05 2002 - draht@suse.de +- package now installs key from package-owned file into the rpm + pubring in %%post to allow other key packages to add their keys. +* Tue Aug 20 2002 - mmj@suse.de +- Correct PreReq +* Fri Jul 26 2002 - kukuk@suse.de +- Change Provides from suse-build-key to build-key +* Thu Feb 21 2002 - draht@suse.de +- directory permission problem: 644 -> 755. +* Mon Feb 18 2002 - ro@suse.de +- moved to /usr/lib/rpm/gnupg/pubring.pgp + rpm needs a directory as gpg_path and will use pubring.gpg + in that directory +* Wed Feb 13 2002 - draht@suse.de +- initial package. Contains +- pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team +- pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key +- sub 2048g/8495160C 2000-10-19 [expires: 2006-02-12]