#!/bin/bash # # Copyright (C) 2007 Novell Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License 2 # as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., # 51 Franklin Street, # Fifth Floor, # Boston, MA 02110-1301, # USA. # # $Id: create_sha1sums,v 1.3 2007/07/24 16:48:23 lrupp Exp lrupp $ # SIGN="yes" EXTRA="no" function usage() { echo "Usage: `basename $0` [OPTIONS] " echo " -n : don't re-sign the generated files" echo " -x : add sha1sums for extra files" echo echo " (re-)creates the SHA1SUM lines in the content file" echo " and signs the content and products file" exit $1 } function signit(){ if [ "$(which sign)" != "" ]; then sign -d $1 else gpg -a -b $1 fi } if [ ! $1 ]; then usage 1 fi while getopts 'hnx' OPTION ; do case $OPTION in h) usage 0 ;; n) SIGN="no" ;; x) EXTRA="yes" ;; esac done shift $(( OPTIND - 1 )) CDS_PRIM=$1 if [ "$1" = "." ]; then CDS_PRIM=$(pwd) fi # prepare content file CONTTMP=`mktemp $CDS_PRIM/content-XXXXXX` grep -v "^META " $CDS_PRIM/content | grep -v "^KEY " | grep -v "^HASH SHA1" > $CONTTMP mv $CONTTMP $CDS_PRIM/content # add pattern and packages files to content file DESCRDIR=`grep DESCRDIR $CDS_PRIM/content | awk '" " { print $2 }'` pushd $CDS_PRIM/$DESCRDIR >/dev/null rm -f *.asc sha1sum * 2>/dev/null | grep -v "MD5SUMS" | grep -v "directory.yast" | sed -e "s@^@META SHA1 @" >> $CDS_PRIM/content popd >/dev/null pushd $CDS_PRIM >/dev/null if [ "$EXTRA" = "yes" ] ; then for i in license.tar.gz control.xml installation.xml media.1/info.txt ; do test -f $i || continue sha1sum $i 2>/dev/null | sed -e "s@^@HASH SHA1 @" >> $CDS_PRIM/content done for i in boot/*/root* boot/*/rescue boot/*/config boot/*/common boot/*/loader/linux boot/*/loader/initrd boot/*/loader/*.spl images/* boot/*/*.rpm; do test -f $i || continue sha1sum $i 2>/dev/null | sed -e "s@^@HASH SHA1 @" >> $CDS_PRIM/content done fi # add gpg-key files to content file sha1sum gpg-pubkey-* 2>/dev/null | sed -e "s@^@KEY SHA1 @" >> $CDS_PRIM/content popd >/dev/null # signing part if [ $SIGN="yes" ]; then REPOFILE=`find $CDS_PRIM -name repomd.xml 2>/dev/null` REPOFILE=${REPOFILE##$CDS_PRIM} REPOFILE=${REPOFILE##/} for file in content media.1/products $REPOFILE; do test -f $CDS_PRIM/${file}.asc && rm -f $CDS_PRIM/${file}.asc signit $CDS_PRIM/${file} done # GPG file handling starts here if [ -f $CDS_PRIM/pubring.gpg ]; then KEY_ID=`gpg --verify --no-default-keyring --keyring $CDS_PRIM/pubring.gpg $CDS_PRIM/content.asc $CDS_PRIM/content 2>&1 | sed -ne "s@.*key ID @@p" | tr [A-Z] [a-z]` KEY_FILE=`ls $CDS_PRIM/gpg-pubkey-$KEY_ID-* 2>/dev/null | tail -1` if [ -f "$KEY_FILE" ] ; then for file in media.1/products.key content.key; do test -f $CDS_PRIM/$file && rm $CDS_PRIM/$file cp -a $KEY_FILE $CDS_PRIM/$file done if [ x"$REPOFILE" != x"" ] ; then cp -a $KEY_FILE $CDS_PRIM/$REPOFILE.key fi else echo "ERROR: Could not find public key file for $CDS_PRIM/pubring.gpg in $CDS_PRIM/gpg-pubkey-*" fi else echo "WARNING: CDS_PRIM/pubring.gpg not found" fi fi # make shure everything is readable for all for file in content media.1/products $REPOFILE; do chmod 644 $CDS_PRIM/$file* done