From 86a6b02e4b95ab3629446e71895cc5e57ad4482f Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 14 Aug 2017 11:37:43 -0400
Subject: [PATCH 29/29] Make macros.pesign error in kojibuilder if we don't
 have perms on the socket

---
 src/macros.pesign | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/macros.pesign b/src/macros.pesign
index 22a3ee6..1665b4c 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -43,6 +43,21 @@
       %{_pesign} -R ${sattrs}.sig -I ${sattrs} %{-i}			\\\
                  --certdir ${nss} -c signer %{-o}			\
       rm -rf ${sattrs} ${sattrs}.sig ${nss}				\
+    elif [ "%{vendor}" == "Fedora Project" -a				\\\
+           "$(id -un)" == "mockbuild" -a				\\\
+           "$(uname -m)" == "x86_64" ] &&				\\\
+         grep -q ID=fedora /etc/os-release && 				\\\
+         [[ "%{_buildhost}" =~ ^bkernel.* ]] &&			\\\
+         ! [ -S /var/run/pesign/socket ]; then				\
+      echo "No socket even though this is %{_buildhost}"		\
+      ls -ld /var/run/pesign || :					\
+      getfacl /var/run/pesign || :					\
+      ls -l /var/run/pesign/socket || :				\
+      getfacl /var/run/pesign/socket || :				\
+      echo =========== env ==============				\
+      set								\
+      echo =========== env ==============				\
+      exit 1								\
     elif [ -S /var/run/pesign/socket ]; then				\
       %{_pesign_client} -t %{__pesign_client_token}			\\\
                         -c %{__pesign_client_cert}			\\\
-- 
2.13.4