Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
suse-build-key.9443
suse-build-key.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File suse-build-key.spec of Package suse-build-key.9443
# # spec file for package suse-build-key # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: suse-build-key BuildRequires: gpg Provides: build-key Requires: gpg AutoReqProv: off Summary: The public gpg key for rpm package signature verification License: GPL-2.0+ Group: System/Packages Version: 12.0 Release: 0 Source1: dumpsigs # pub 2048R/39DB7C82 2013-01-31 [expires: 2020-12-06] SuSE Package Signing Key <build@suse.de> # The main package signing key. Source2: gpg-pubkey-39db7c82-5847eb1f.asc # pub 2048R/50A3DD1C 2013-01-14 SuSE Package Signing Key (reserve key) <build@suse.de> # Fallback key if main key gets lost. Source3: gpg-pubkey-50a3dd1c-50f35137.asc # pub 1024R/307E3D54 2006-03-21 SuSE Package Signing Key <build@suse.de> # SLE11 build@suse.de key, 1024 bit Source4: build-at-suse-sle11.asc # pub 1024D/B37B98A9 2005-05-11 SUSE PTF Signing Key <support@suse.com> # SUSE supplied PTF (program temporary fixes) are signed by this key. # supplied to be not imported by default Source98: suse_ptf_key.asc #OLD key #pub rsa4096/0x58FC58B1317CD502 2014-10-02 [SC] # Key fingerprint = E502 243D F6B7 E939 EA1B 4A0E 58FC 58B1 317C D502 #uid SUSE Security Team <security@suse.de> #sub rsa4096/0x457446950DE80E03 2014-10-02 [E] # Only used for email communication Source99: security_at_suse_de_old.asc #pub rsa4096/0x21FE92322BA9E067 2018-03-15 [SC] [expires: 2020-03-14] # Key fingerprint = EC7C 5EAB 2C34 09A6 4F3B BE6E 21FE 9232 2BA9 E067 #uid SUSE Security Team <security@suse.com> #uid SUSE Security Team <security@suse.de> #sub rsa4096/0xFF97314EC1E11A0E 2018-03-15 [E] [expires: 2020-03-14] # Only used for email communication Source100: security_at_suse_de.asc BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %define keydir %{_prefix}/lib/rpm/gnupg/keys %define pubring usr/lib/rpm/gnupg/pubring.gpg %define susering usr/lib/rpm/gnupg/suse-build-key.gpg PreReq: sh-utils gpg fileutils mktemp %description This package contains the gpg keys that are used to sign the SUSE rpm packages. The keys installed here are not actually used by anything. rpm/zypper use the keys in the rpm db instead. %prep %setup -qcT %build cp %SOURCE4 . cp %SOURCE98 . cp %SOURCE99 . cp %SOURCE100 . touch suse-build-key.gpg gpg --no-default-keyring --keyring ./suse-build-key.gpg --import %{SOURCE2} gpg --no-default-keyring --keyring ./suse-build-key.gpg --import %{SOURCE3} %install rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT/usr/lib/rpm/gnupg install suse-build-key.gpg $RPM_BUILD_ROOT/%{susering} install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg mkdir keys cd keys $RPM_BUILD_ROOT/usr/lib/rpm/gnupg/dumpsigs $RPM_BUILD_ROOT/%{susering} cd .. # also copy the ptf key into the /usr/lib/rpm/gnupg/keys directory, it will however not be default imported. cp %SOURCE98 keys/ cp -a keys $RPM_BUILD_ROOT/usr/lib/rpm/gnupg touch $RPM_BUILD_ROOT/%{pubring} touch $RPM_BUILD_ROOT/%{pubring}~ %files %defattr(644,root,root) %doc suse_ptf_key.asc security_at_suse_de.asc security_at_suse_de_old.asc build-at-suse-sle11.asc %attr(755,root,root) %dir /usr/lib/rpm/gnupg %attr(755,root,root) /usr/lib/rpm/gnupg/dumpsigs /usr/lib/rpm/gnupg/keys %config /%{susering} %ghost /%{pubring} %ghost /%{pubring}~ %post if [ ! -f %{pubring} ]; then touch %{pubring} fi echo -n "importing SuSE build key to rpm keyring... " TF=`mktemp /tmp/gpg.XXXXXX` if [ -z "$TF" ]; then echo "suse-build-key::post: cannot make temporary file. Fatal error." exit 20 fi if [ -z "$HOME" ]; then HOME=/root export HOME fi if [ ! -d "$HOME" ]; then mkdir "$HOME" fi gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true # no kidding... gpg won't initialize correctly without being called twice. gpg < /dev/null > /dev/null 2>&1 || true gpg < /dev/null > /dev/null 2>&1 || true gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ --keyring %{susering} --export -a > $TF a="$?" gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ --keyring %{pubring} --import < $TF b="$?" rm -f "$TF" if [ "$a" = 0 -a "$b" = 0 ]; then echo "done." else echo "importing the key from the file %{susering}" echo "returned an error. This should not happen. It may not be possible" echo "to properly verify the authenticity of rpm packages from SuSE sources." echo "The keyring containing the SuSE rpm package signing key can be found" echo "in the root directory of the first CD (DVD) of your SuSE product." exit -1 fi ### import suse package build key to roots gpg keyring if test -f root/.gnupg/pubring.gpg ; then chroot . usr/bin/gpg --export --armor --no-default-keyring \ --keyring %{susering} build@suse.de \ | chroot . usr/bin/gpg --import || true if ! chroot . usr/bin/gpg --list-keys build@suse.de >/dev/null 2>&1 ; then echo "gpg import for build@suse.de failed, please import manually" >&2 fi else cp %{susering} root/.gnupg/pubring.gpg fi chmod 600 root/.gnupg/pubring.gpg %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor