From c6b04c04653ba9933fe978829148312e412a9ea7 Mon Sep 17 00:00:00 2001 From: Allan McRae Date: Mon, 17 Apr 2017 18:30:05 +1000 Subject: makepkg: create signature files outside of fakeroot With recent version of gpg, signing within fakeroot works on the first invocation, but fails on later runs. Sign all packages outside of fakeroot to avoid this issue. Fixes FS#49946. Signed-off-by: Allan McRae --- .../libmakepkg/integrity/generate_signature.sh.in | 34 ++++++++++++++++++++-- scripts/makepkg.sh.in | 9 +++--- 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/scripts/libmakepkg/integrity/generate_signature.sh.in b/scripts/libmakepkg/integrity/generate_signature.sh.in index 060ae344..6d65d82d 100644 --- a/scripts/libmakepkg/integrity/generate_signature.sh.in +++ b/scripts/libmakepkg/integrity/generate_signature.sh.in @@ -27,11 +27,10 @@ source "$LIBRARY/util/message.sh" create_signature() { if [[ $SIGNPKG != 'y' ]]; then - return + return 0 fi local ret=0 local filename="$1" - msg "$(gettext "Signing package...")" local SIGNWITHKEY="" if [[ -n $GPGKEY ]]; then @@ -42,8 +41,37 @@ create_signature() { if (( ! ret )); then - msg2 "$(gettext "Created signature file %s.")" "$filename.sig" + msg2 "$(gettext "Created signature file %s.")" "${filename##*/}.sig" else warning "$(gettext "Failed to sign package file.")" fi + + return $ret +} + +create_package_signatures() { + local pkgarch pkg_file + local pkgname_backup=("${pkgname[@]}") + local fullver=$(get_full_version) + + msg "$(gettext "Signing package(s)...")" + + for pkgname in ${pkgname_backup[@]}; do + pkgarch=$(get_pkg_arch $pkgname) + pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}" + + create_signature "$pkg_file" + done + + # check if debug package needs a signature + if ! check_option "debug" "y" || ! check_option "strip" "y"; then + return + fi + + pkgname=$pkgbase-@DEBUGSUFFIX@ + pkgarch=$(get_pkg_arch) + pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}" + create_signature "$pkg_file" + + pkgname=("${pkgname_backup[@]}") } diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index be0ea72e..43c7e328 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -769,8 +769,6 @@ create_package() { error "$(gettext "Failed to create package file.")" exit 1 # TODO: error code fi - - create_signature "$pkg_file" } create_debug_package() { @@ -868,8 +866,6 @@ create_srcpackage() { exit 1 # TODO: error code fi - create_signature "$pkg_file" - cd_safe "${startdir}" rm -rf "${srclinks}" } @@ -1625,6 +1621,9 @@ if (( SOURCEONLY )); then enter_fakeroot + msg "$(gettext "Signing package...")" + create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}" + msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))" exit 0 fi @@ -1716,6 +1715,8 @@ else fi enter_fakeroot + + create_package_signatures fi # if inhibiting archive creation, go no further -- cgit v1.2.3-24-g4f1b