pesign/0036-Make-the-macros-use-the-default-fedora-signer-if-the.patch
Peter Jones b58922c480 setfacl u:kojibuilder:rw /var/run/pesign/socket
- Fix command line checking in client
- Add client stdin pin reading.
2012-10-19 10:24:10 -04:00

43 lines
1.3 KiB
Diff

From 22308fbfb540b5215efb9ce96a4dfdce08ef9165 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 15:16:05 -0400
Subject: [PATCH 36/41] Make the macros use the default (fedora) signer if
there's a daemon running.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 7706050..fb9d21e 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -10,13 +10,22 @@
%__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"}
%_pesign /usr/bin/pesign
+%_pesign_client /usr/bin/pesign-client
%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ if [ -e /var/run/pesign/socket ]; then \
+ %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\
+ -c "/CN=Fedora Secure Boot Signer" \\\
+ %{-i} %{-o} %{-e} %{-s} \
+ else \
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ fi \
else \
if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
mv %{-i*} %{-o*} \
+ elif [ -n "%{-i*}" -a -n "%{-e*}" ]; then \
+ touch %{-e*} \
fi \
fi ;
--
1.7.12.1