From 83155d74d230e4347194786322bde65386f94eee Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Aug 14 2012 18:39:12 +0000 Subject: Automatically embed the Red Hat Test Certificate and sign with it. --- diff --git a/shim.spec b/shim.spec index ec3dfce..40731e6 100644 --- a/shim.spec +++ b/shim.spec @@ -7,7 +7,8 @@ License: BSD URL: http://www.codon.org.uk/~mjg59/shim/ Source0: http://www.codon.org.uk/~mjg59/shim/shim-%{version}.tar.bz2 -BuildRequires: gnu-efi pesign +BuildRequires: gnu-efi git +BuildRequires: pesign >= 0.10-2 Requires: gnu-efi # Shim uses OpenSSL, but cannot use the system copy as the UEFI ABI is not @@ -20,10 +21,10 @@ Requires: gnu-efi # Adding further platforms will require adding appropriate relocation code. ExclusiveArch: x86_64 -# Temporary test key - update before final -Patch0: shim-fedora.diff - -Patch1: shim-image-size.patch +# Fix wrong expectation about the "image size" PE header field +Patch0: shim-image-size.patch +# Allow specifying the vendor certificate on the command line +Patch1: shim-vendor-cert-file.patch # Shim generates no binaries that run under the installed OS, so debuginfo # is useless @@ -41,14 +42,25 @@ Patch1: shim-image-size.patch Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. - %prep %setup -q -%patch0 -p1 -%patch1 -p1 +git init +git config user.email "shim-owner@fedoraproject.org" +git config user.name "Fedora Ninjas" +git add . +git commit -a -q -m "%{version} baseline." +git am %{patches}