From bfa02b50f9bbb60c3b04f159864aa4a87b0020e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 30 Nov 2015 15:34:35 -0500
Subject: [PATCH 5/5] Do a better job of isolating pesign-rh-test-crap
---
 src/Makefile      |  1 +
 src/macros.pesign | 10 ++++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)
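diff --git a/src/Makefile b/src/Makefile
index af3fd07..1822d3f 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -65,6 +65,7 @@ install_sysvinit: pesign.sysvinit
 
 install :
 	$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/
+	$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign-rh-test/
 	$(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/
 	$(INSTALL) -d -m 755 $(INSTALLROOT)$(bindir)
 	$(INSTALL) -m 755 authvar $(INSTALLROOT)$(bindir)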
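Review bot: The added `$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign-rh-test/` line creates the directory, but nothing visible in this hunk populates it or sets its ownership, while the macro change in the same patch passes it to pesign as `--certdir`. With mode 700 only the owner can use the directory, so whether a package build can read the test database depends on which user runs the macro; this is presumably handled elsewhere but is worth confirming. A short comment above the line would record the intent, for example `# NSS database for the test certificate only, kept apart from /etc/pki/pesign`. The `install` recipe continues past the end of the hunk.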
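diff --git a/src/macros.pesign b/src/macros.pesign
index 39374ce..9644940 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -7,7 +7,7 @@
 # And magically get the right thing.
 
 %__pesign_token %{nil}%{?pe_signing_token:-t "%{pe_signing_token}"}
-%__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"}
+%__pesign_cert %{!?pe_signing_cert:"Red Hat Test Certificate"}%{?pe_signing_cert:"%{pe_signing_cert}"}
 
 %_pesign /usr/bin/pesign
 %_pesign_client /usr/bin/pesign-client
@@ -21,6 +21,10 @@
 # -a <input ca cert filename>		# rhel only
 # -s 					# perform signing
 %pesign(i:o:C:e:c:n:a:s)						\
+  _pesign_nssdir=/etc/pki/pesign					\
+  if [ %{__pesign_cert} = "Red Hat Test Certificate" ]; then		\
+    _pesign_nssdir=/etc/pki/pesign-rh-test				\
+  fi									\
   if [ -x %{_pesign} ] &&  						\\\
        [ "%{_target_cpu}" == "x86_64" -o 				\\\
          "%{_target_cpu}" == "aarch64" ]; then				\
@@ -39,9 +43,10 @@
     elif [ -S /var/run/pesign/socket ]; then				\
       %{_pesign_client} -t "OpenSC Card (Fedora Signer)"		\\\
                         -c "/CN=Fedora Secure Boot Signer"		\\\
                         %{-i} %{-o} %{-e} %{-s} %{-C}			\
     else								\
-      %{_pesign} %{__pesign_token} %{__pesign_cert}			\\\
+      %{_pesign} %{__pesign_token} -c %{__pesign_cert}			\\\
+		 --certdir ${_pesign_nssdir}				\\\
                   %{-i} %{-o} %{-e} %{-s} %{-C}				\
     fi									\
   else									\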
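Review bot: The database switch at `if [ %{__pesign_cert} = "Red Hat Test Certificate" ]` repeats the default nickname as a second literal and relies on the double quotes that `%__pesign_cert` now carries in its expansion. A nickname containing a quote, `$` or backtick would therefore be re-parsed by the shell, and renaming the default in only one place would silently leave `_pesign_nssdir` at `/etc/pki/pesign`. Keeping the test nickname in a single macro used by both lines would remove the drift, or, if an explicit override should never select the test database, the switch could key on the macro being undefined, as in `%{!?pe_signing_cert:_pesign_nssdir=/etc/pki/pesign-rh-test}`. It would also be safer to quote the shell variable, `--certdir "${_pesign_nssdir}"`. Only the final `else` branch visibly receives `--certdir`, and the `%pesign` body starts and ends outside the hunks, so the branches between them cannot be judged from here.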
-- 
2.5.0