autopatch/kernel
5
0
Fork 1
Code Issues Pull Requests Releases Activity

Consolidate pesign/secureboot rules with AlmaLinux certs

Browse Source
This commit is contained in:
Andrew Lukoshko 2026-03-08 21:58:36 +00:00
parent ad0c4840e2
commit 4a5c5440ba
2 changed files with 19 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
config.yaml
View File

@ -48,24 +48,31 @@ actions:
%define secureboot_key_0 %{SOURCE12}
%define pesign_name_0 centossecureboot201
%else
replace: |
Source10: almalinuxsecurebootca0.cer
Source11: almalinuxsecurebootca0.cer
count: 1
- target: "spec"
find: |
%ifarch x86_64 aarch64
%define secureboot_ca_0 %{SOURCE10}
%define secureboot_key_0 %{SOURCE13}
%define pesign_name_0 redhatsecureboot501
%endif
replace: |
%define secureboot_ca_0 %{SOURCE10}
%define secureboot_ca_1 %{SOURCE11}
%define secureboot_ca_2 %{SOURCE11}
%define secureboot_key_0 %{SOURCE10}
%define pesign_name_0 almalinuxsecurebootca0
%ifarch s390x
%define secureboot_ca_0 %{SOURCE10}
%define secureboot_key_0 %{SOURCE14}
%define pesign_name_0 redhatsecureboot302
%endif
%ifarch ppc64le
%define secureboot_ca_0 %{SOURCE16}
%define secureboot_key_0 %{SOURCE15}
%define pesign_name_0 redhatsecureboot701
%endif
%endif
replace: |
Source10: almalinuxsecurebootca0.cer
Source11: almalinuxsecureboot0.cer
%define secureboot_ca_0 %{SOURCE10}
%define secureboot_key_0 %{SOURCE11}
%define pesign_name_0 almalinuxsecureboot0
count: 1
- target: "spec"
find: |
@ -164,19 +171,6 @@ actions:
- delete_line:
- target: "spec"
lines:
- |
%ifarch s390x
%define secureboot_ca_0 %{SOURCE10}
%define secureboot_key_0 %{SOURCE14}
%define pesign_name_0 redhatsecureboot302
%endif
- |
%ifarch ppc64le
%define secureboot_ca_0 %{SOURCE16}
%define secureboot_key_0 %{SOURCE15}
%define pesign_name_0 redhatsecureboot701
%endif
%endif
- |
if [ "$KernelExtension" == "gz" ]; then
gzip -f9 $SignImage

BIN
files/almalinuxsecureboot0.cer Normal file
View File

Binary file not shown.