diff options
| author | CoprDistGit <infra@openeuler.org> | 2024-08-29 11:09:34 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2024-08-29 11:09:34 +0000 |
| commit | c22cb56acddf5bc4147f60908d5ebd770a079070 (patch) | |
| tree | 302eb716e7d6c4b9c514cf5cd9575b5a347fe220 /brp-digest-list | |
| parent | b28db8b7389e86a8b2a424f4851ecf7714373516 (diff) | |
automatic import of openEuler-rpm-config
Diffstat (limited to 'brp-digest-list')
| -rwxr-xr-x | brp-digest-list | 98 |
1 files changed, 0 insertions, 98 deletions
diff --git a/brp-digest-list b/brp-digest-list deleted file mode 100755 index 2f0681d..0000000 --- a/brp-digest-list +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/sh - -# Get build root -RPM_BUILD_ROOT="${1}" - -# If using normal root, avoid changing anything. -if [ -z "$RPM_BUILD_ROOT" -o "$RPM_BUILD_ROOT" = "/" ]; then - exit 0 -fi - -# Create temporary file listing files in the manifest -TMPDIR="/tmp" -BIN_PKG_FILES=${TMPDIR}/${3%%.rpm} -cat - > $BIN_PKG_FILES - -# Ensure temporary file is cleaned up when we exit -trap "rm -f \"${BIN_PKG_FILES}\"" 0 2 3 5 10 13 15 - -# File empty, exit -if [ -L $BIN_PKG_FILES ] || [ -z $(head -c 1 $BIN_PKG_FILES) ]; then - exit 0 -fi - -# Create directory for digest lists -DIGEST_LIST_DIR=$RPM_BUILD_ROOT/$2/etc/ima/digest_lists -mkdir -p $DIGEST_LIST_DIR -mkdir -p $DIGEST_LIST_DIR.tlv - -# Generate digest list for the kernel -gen_digest_lists -i M: -t metadata -f compact -d $DIGEST_LIST_DIR -i l:policy \ - -i i: -o add -p -1 -m immutable -i L:$BIN_PKG_FILES -i u: \ - -A $RPM_BUILD_ROOT -i e: \ - -i E:/usr/src \ - -i E:/boot/efi \ - -i F:/lib \ - -i F:/usr/lib \ - -i F:/lib64 \ - -i F:/usr/lib64 \ - -i F:/lib/modules \ - -i F:/usr/lib/modules \ - -i F:/lib/firmware \ - -i F:/usr/lib/firmware - -DIGEST_LIST_PATH="$DIGEST_LIST_DIR/0-metadata_list-compact-$(basename $BIN_PKG_FILES)" -[ -f $DIGEST_LIST_PATH ] || exit 0 - -chmod 644 $DIGEST_LIST_PATH -echo $DIGEST_LIST_PATH - -# Generate TLV digest list to check metadata -gen_digest_lists -i M: -t metadata -f compact -d $DIGEST_LIST_DIR.tlv \ - -i l:policy -i i: -o add -p -1 -m immutable -i L:$BIN_PKG_FILES -i u: \ - -T -A $RPM_BUILD_ROOT -i e: \ - -i E:/usr/src \ - -i E:/boot/efi \ - -i F:/lib \ - -i F:/usr/lib \ - -i F:/lib64 \ - -i F:/usr/lib64 \ - -i F:/lib/modules \ - -i F:/usr/lib/modules \ - -i F:/lib/firmware \ - -i F:/usr/lib/firmware - -DIGEST_LIST_TLV_PATH="$DIGEST_LIST_DIR.tlv/0-metadata_list-compact_tlv-$(basename $BIN_PKG_FILES)" -[ -f $DIGEST_LIST_TLV_PATH ] || exit 0 - -chmod 644 $DIGEST_LIST_TLV_PATH -echo $DIGEST_LIST_TLV_PATH - -#if [[ "$(basename $BIN_PKG_FILES)" =~ "digest-list-tools" && \ -# ! $(basename $BIN_PKG_FILES) =~ "debug" ]]; then -# Generate digest list for the user space parsers - -# do EBS sign -export PUBLISHER_HOST=$(grep PUBLISHER_HOST /lkp/scheduled/job.yaml | awk '{print $2}') -export PUBLISHER_PORT=$(grep PUBLISHER_PORT /lkp/scheduled/job.yaml | awk '{print $2}') -if [[ -n "$PUBLISHER_HOST" && -n "$PUBLISHER_PORT" ]]; then - [ -f /usr/lib/rpm/brp-ebs-sign ] || exit 0 - sh /usr/lib/rpm/brp-ebs-sign --ima-digestlist $DIGEST_LIST_PATH 1>&2 - [ -f $DIGEST_LIST_PATH.sig ] || exit 0 - chmod 644 $DIGEST_LIST_PATH.sig - mv $DIGEST_LIST_PATH.sig $DIGEST_LIST_PATH - exit 0 -fi - -# do OBS sign -[ -f /usr/lib/rpm/brp-suse.d/brp-99-pesign ] || exit 0 - -export BRP_PESIGN_FILES="$2/etc/ima/digest_lists/*" -export RPM_BUILD_ROOT -export RPM_PACKAGE_NAME="digest-list-tools" -export RPM_SOURCE_DIR="$(rpm --eval %_topdir)/SOURCES" - -if [ -f "/usr/lib/rpm/brp-suse.d/brp-99-pesign" ]; then - /usr/lib/rpm/brp-suse.d/brp-99-pesign &> /dev/null -fi -#fi |