From 5a39cdeacb7b6d07d0c229b8591549a37d8343ef Mon Sep 17 00:00:00 2001
From: Dennis Gilmore <dennis@ausil.us>
Date: Oct 10 2010 16:34:54 +0000
Subject: add fedora-burn-yubikey and its dep ykpers

split fedora-cert out on its own

---

diff --git a/0001-add-fedora-burn-yubikey-script.patch b/0001-add-fedora-burn-yubikey-script.patch
new file mode 100644
index 0000000..04ec0a3
--- /dev/null
+++ b/0001-add-fedora-burn-yubikey-script.patch
@@ -0,0 +1,96 @@
+From 01c90fffc927dc8c4edd71bb9a852ae4b2aabf41 Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis@ausil.us>
+Date: Fri, 24 Sep 2010 11:23:43 -0500
+Subject: [PATCH 1/3] add fedora-burn-yubikey script
+ used for setting up yubikeys for fedora
+
+---
+ src/fedora-burn-yubikey.py |   76 ++++++++++++++++++++++++++++++++++++++++++++
+ 1 files changed, 76 insertions(+), 0 deletions(-)
+ create mode 100644 src/fedora-burn-yubikey.py
+
+diff --git a/src/fedora-burn-yubikey.py b/src/fedora-burn-yubikey.py
+new file mode 100644
+index 0000000..03f7ad9
+--- /dev/null
++++ b/src/fedora-burn-yubikey.py
+@@ -0,0 +1,76 @@
++#!/usr/bin/python
++
++# ykpersonalize -ofixed=ccccccccccci -afcaa0c5bf2e83ec040e4aeb7f8565293 -ouid=1e7f1da7d6d1
++from fedora.client import AccountSystem, AuthError
++from getpass import getpass, getuser
++import subprocess, sys, gettext
++from optparse import OptionParser
++
++t = gettext.translation('fas', '/usr/share/locale', fallback = True)
++_ = t.gettext
++
++parser = OptionParser(version = "0.1")
++parser.add_option('-u', '--username',
++                  dest = 'username',
++                  default = None,
++                  metavar = 'username',
++                  help = _('Fedora Account System username'))
++parser.add_option('-U', '--url',
++                  dest = 'url',
++                  default = 'https://admin.fedoraproject.org/accounts/',
++                  metavar = 'url',
++                  help = _('FAS URL (Default: https://admin.fedoraproject.org/accounts/'))
++
++(opts, args) = parser.parse_args()
++
++if not opts.username:
++    print _('Please provide a username.')
++    parser.print_help()
++    sys.exit(0)
++
++if not getuser() == 'root':
++    print _('''Please run this program as root as it will need to write
++directly to the yubikey usb''')
++    sys.exit(5)
++
++print _(
++'''
++Attention: You are about to reprogram your yubikey!  Please ensure it is
++plugged in to your USB slot before continuing.  The secret key currently on
++your yubikey will be destroyed as part of this operation!
++
++''')
++
++print 'Contacting %s' % opts.url
++password = getpass('Password for %s: ' % opts.username)
++
++fas = AccountSystem(username=opts.username, password=password, base_url=opts.url)
++try:
++    new_key = fas.send_request('yubikey/genkey', auth=True)
++except AuthError, e:
++    print e
++    sys.exit(1)
++
++print
++print _('New key generated in FAS, attempting to burn to yubikey')
++print
++
++opts = new_key['key'].split()
++
++try:
++    retcode = subprocess.call(['/usr/bin/ykpersonalize', 
++                            '-ofixed=%s' % opts[0],
++                            '-a%s' % opts[2],
++                            '-ouid=%s' % opts[1]])
++except KeyboardInterrupt:
++    print _('''
++Burn attempt cancelled by user!  Note: Even though the key did not get burned
++onto your key, FAS did generate a new one.  This just means that if you did 
++previously burn a different key, it will no longer work.
++''')
++    retcode=1
++
++if retcode:
++    print "There was an error writing to your yubi key"
++else:
++    print "Success!  Your Yubikey ID is %s" % opts[0]
+-- 
+1.7.3.1
+
diff --git a/0002-install-fedora-burn-yubikey-into-sbindir.patch b/0002-install-fedora-burn-yubikey-into-sbindir.patch
new file mode 100644
index 0000000..4763e26
--- /dev/null
+++ b/0002-install-fedora-burn-yubikey-into-sbindir.patch
@@ -0,0 +1,46 @@
+From b6ef8f00e9e655364bbfab886fe355665215378a Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis@ausil.us>
+Date: Fri, 24 Sep 2010 11:29:39 -0500
+Subject: [PATCH 2/3] install fedora-burn-yubikey into sbindir
+
+---
+ Makefile.am |   10 +++++++++-
+ 1 files changed, 9 insertions(+), 1 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 57b9cdb..4df6dbb 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -11,13 +11,17 @@ bin_SCRIPTS = fedora-cvs \
+ 	arm-koji \
+ 	ppc-koji
+ 
+-CLEANFILES = $(bin_SCRIPTS)
++sbin_SCRIPTS = fedora-burn-yubikey
++
++CLEANFILES = $(bin_SCRIPTS) $(sbin_SCRIPTS)
++
+ EXTRA_DIST = src/fedora-cvs.py \
+ 	src/fedora-packager-setup.py \
+ 	src/fedoradev-pkgowners \
+ 	src/fedora-cert.py \
+ 	src/fedora-getsvn \
+ 	src/fedora-hosted.py \
++	src/fedora-burn-yubikey.py \
+ 	src/rpmbuild-md5 \
+ 	src/fedpkg.py \
+ 	src/secondary-koji \
+@@ -47,6 +51,10 @@ fedora-hosted: $(srcdir)/src/fedora-hosted.py
+ 	rm -f fedora-hosted
+ 	install -p -m 755 -T $(srcdir)/src/fedora-hosted.py fedora-hosted
+ 
++fedora-burn-yubikey: $(srcdir)/src/fedora-burn-yubikey.py
++	rm -f fedora-burn-yubikey
++	install -p -m 755 -T $(srcdir)/src/fedora-burn-yubikey.py fedora-burn-yubikey
++
+ rpmbuild-md5: $(srcdir)/src/rpmbuild-md5
+ 	rm -f rpmbuild-md5
+ 	install -p -m 755 -T $(srcdir)/src/rpmbuild-md5 rpmbuild-md5
+-- 
+1.7.3.1
+
diff --git a/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch b/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
new file mode 100644
index 0000000..97b2881
--- /dev/null
+++ b/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
@@ -0,0 +1,31 @@
+From cd3e56bc505a35a71d324a656eb133586a30c59b Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis@ausil.us>
+Date: Fri, 24 Sep 2010 11:37:13 -0500
+Subject: [PATCH 3/3] add author and copyright info for fedora-burn-yubikey
+
+---
+ src/fedora-burn-yubikey.py |    9 +++++++++
+ 1 files changed, 9 insertions(+), 0 deletions(-)
+
+diff --git a/src/fedora-burn-yubikey.py b/src/fedora-burn-yubikey.py
+index 03f7ad9..1862cee 100644
+--- a/src/fedora-burn-yubikey.py
++++ b/src/fedora-burn-yubikey.py
+@@ -1,5 +1,14 @@
+ #!/usr/bin/python
+ 
++# Copyright (C) 2010 Red Hat Inc.
++# Author: Mike McGrath <mmcgrath@redhat.com>
++# 
++# This program is free software; you can redistribute it and/or modify it
++# under the terms of the GNU General Public License as published by the
++# Free Software Foundation; either version 2 of the License, or (at your
++# option) any later version.  See http://www.gnu.org/copyleft/gpl.html for
++# the full text of the license.
++
+ # ykpersonalize -ofixed=ccccccccccci -afcaa0c5bf2e83ec040e4aeb7f8565293 -ouid=1e7f1da7d6d1
+ from fedora.client import AccountSystem, AuthError
+ from getpass import getpass, getuser
+-- 
+1.7.3.1
+
diff --git a/fedora-packager.spec b/fedora-packager.spec
index 5170123..c8b5f42 100644
--- a/fedora-packager.spec
+++ b/fedora-packager.spec
@@ -4,13 +4,16 @@
 
 Name:           fedora-packager
 Version:        0.5.1.4
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Tools for setting up a fedora maintainer environment
 
 Group:          Applications/Productivity
 License:        GPLv2+
 URL:            https://fedorahosted.org/fedora-packager
 Source0:        https://fedorahosted.org/releases/f/e/fedora-packager/fedora-packager-%{version}.tar.bz2
+Patch0:         0001-add-fedora-burn-yubikey-script.patch
+Patch1:         0002-install-fedora-burn-yubikey-into-sbindir.patch
+Patch2:         0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  python-devel
@@ -21,6 +24,8 @@ Requires:       pyOpenSSL python-pycurl
 Requires:       redhat-rpm-config
 Requires:       python-offtrac
 Requires:       fedpkg = %{version}-%{release}
+Requires:       fedora-cert = %{version}-%{release}
+Requires:       ykpers
 
 BuildArch:      noarch
 
@@ -31,7 +36,7 @@ Set of utilities useful for a fedora packager in setting up their environment.
 Summary:        fedora utility for working with dist-git
 Group:          Applications/Databases
 Requires:       GitPython >= 0.2.0, python-argparse, curl
-Requires:       fedora-packager = %{version}-%{release}
+Requires:       fedora-cert = %{version}-%{release}
 %if 0%{?rhel} == 5 || 0%{?rhel} == 4
 Requires:       python-kitchen
 %endif
@@ -40,9 +45,23 @@ Requires:       python-kitchen
 Provides the fedpkg command for working with dist-git
 
 
+%package     -n fedora-cert
+Summary:        fedora-cert tool and python library
+Group:          Applications/Databases
+Requires:       pyOpenSSL
+%if 0%{?rhel} == 5 || 0%{?rhel} == 4
+Requires:       python-kitchen
+%endif
+
+%description -n fedora-cert
+Provides fedora-cert and the fedora_cert python library
+
+
 %prep
 %setup -q
-
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure
@@ -61,7 +80,14 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(-,root,root,-)
 %doc COPYING TODO AUTHORS ChangeLog
 %{_bindir}/*
+%{_sbindir}/*
 %exclude %{_bindir}/fedpkg
+%exclude %{_bindir}/fedora-cert
+
+%files -n fedora-cert
+%doc COPYING TODO AUTHORS ChangeLog
+%defattr(-,root,root,-)
+%{_bindir}/fedora-cert
 %{python_sitelib}/fedora_cert
 
 %files -n fedpkg
@@ -73,6 +99,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Sun Oct 10 2010 Dennis Gilmore <dennis@ausil.us> - 0.5.1.4-2
+- split out fedora-cert tool and library
+- add fedora-burn-yubikey tool
+
 * Tue Aug 24 2010 Jesse Keating <jkeating@redhat.com> - 0.5.1.4-1
 - Fix setting push.default when cloning with dirs
 - Remove build --test option in bash completion