Browse Source

updated vbuilder.sh.in: improved RPM_Sign() to sign rpms under usermode

git-svn-id: http://trac.vinelinux.org/repos/projects/vbootstrap/trunk@2662 ec354946-7b23-47d6-9f5a-488ba84defc7
munepi 13 years ago
parent
commit
a0313c8d74
4 changed files with 120 additions and 70 deletions
  1. 38 27
      po/ja.po
  2. 35 24
      po/vbootstrap.pot
  3. 5 1
      vbootstrap-vl.spec
  4. 42 18
      vbuilder.sh.in

+ 38 - 27
po/ja.po

@@ -7,8 +7,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: 0.0.35\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2011-01-19 03:30+0900\n"
-"PO-Revision-Date: 2011-01-18 18:06+0900\n"
+"POT-Creation-Date: 2011-02-09 02:14+0900\n"
+"PO-Revision-Date: 2011-02-09 02:17+0900\n"
 "Last-Translator: Munehiro Yamamoto <munepi@vinelinux.org>\n"
 "Language-Team: Vine Linux <Vine@vinelinux.org>\n"
 "Language: \n"
@@ -38,28 +38,28 @@ msgstr "ベースシステムをインストールしています。"
 msgid "vboostrap done."
 msgstr "vbootstrap が完了しました。"
 
-#: vbuilder.sh.in:66 vbuilder.sh.in:73
+#: vbuilder.sh.in:67 vbuilder.sh.in:74
 msgid "E: You can give no more options after actions"
 msgstr "E: 動作の以後にオプションを与えられません"
 
-#: vbuilder.sh.in:85 vbuilder.sh.in:99 vbuilder.sh.in:102
+#: vbuilder.sh.in:86 vbuilder.sh.in:100 vbuilder.sh.in:103
 msgid "E: Missing some parameters after $1"
 msgstr "E: $1 以後のいくつかの引数に間違いがあります"
 
-#: vbuilder.sh.in:93
+#: vbuilder.sh.in:94
 msgid "E: You must give at least one action"
 msgstr "E: 少なくとも1つの動作を与えなければなりません"
 
-#: vbuilder.sh.in:165 vbuilder.sh.in:169
+#: vbuilder.sh.in:166 vbuilder.sh.in:170
 msgid "E: arch ${VARCH} is NOT supported on $(uname -i)"
 msgstr "E: ${VARCH} アーキテクチャは $(uname -i) 上で非サポートです"
 
-#: vbuilder.sh.in:176 vbuilder.sh.in:187
+#: vbuilder.sh.in:177 vbuilder.sh.in:188
 #, sh-format
 msgid "E: ${VERSION} is NOT supported"
 msgstr "E: バージョン ${VERSION} は非サポートです"
 
-#: vbuilder.sh.in:194
+#: vbuilder.sh.in:195
 #, sh-format
 msgid "E: version ${VERSION} does not support --dist-upgrade option"
 msgstr ""
@@ -69,75 +69,86 @@ msgstr ""
 #. # "test" category only exists in VineSeed
 #. #!! "proposed-updates" category does not exist in 4.2
 #. # "security" category does not exist in VineSeed
-#: vbuilder.sh.in:219 vbuilder.sh.in:225 vbuilder.sh.in:232 vbuilder.sh.in:236
+#: vbuilder.sh.in:220 vbuilder.sh.in:226 vbuilder.sh.in:233 vbuilder.sh.in:237
 #, sh-format
 msgid "E: No such category exists: $cat"
 msgstr "E: そのようなカテゴリは存在しません: $cat"
 
-#: vbuilder.sh.in:245
+#: vbuilder.sh.in:246
 #, sh-format
 msgid "E: rpm build target ${TARGET} is NOT supported"
 msgstr "E: rpm ビルドターゲット ${TARGET} はサポートされていません"
 
-#: vbuilder.sh.in:298
+#: vbuilder.sh.in:299
 msgid "apt-get update on host ... "
 msgstr "ホスト上で apt-get update を実行しています ... "
 
-#: vbuilder.sh.in:300 vbuilder.sh.in:305 vbuilder.sh.in:359 vbuilder.sh.in:478
-#: vbuilder.sh.in:484 vbuilder.sh.in:679
+#: vbuilder.sh.in:301 vbuilder.sh.in:306 vbuilder.sh.in:342 vbuilder.sh.in:365
+#: vbuilder.sh.in:500 vbuilder.sh.in:506 vbuilder.sh.in:701
 msgid "done."
 msgstr "完了"
 
-#: vbuilder.sh.in:303
+#: vbuilder.sh.in:304
 msgid "apt-get update on chroot ... "
 msgstr "chroot 上で apt-get update を実行しています ... "
 
-#: vbuilder.sh.in:357
-msgid "Retry lazy unmount ... "
-msgstr "lazy アンマウントを再度試しています ... "
+#: vbuilder.sh.in:340
+#, sh-format
+msgid "Retry lazy unmount ${BUILD_ROOT}${fs} ... "
+msgstr "lazy で ${BUILD_ROOT}${fs} を再度アンマウントしています ... "
+
+#: vbuilder.sh.in:363
+#, sh-format
+msgid "Retry lazy unmount ${BUILD_ROOT} ... "
+msgstr "lazy で ${BUILD_ROOT} を再度アンマウントしています ... "
 
-#: vbuilder.sh.in:476
+#: vbuilder.sh.in:498
 #, sh-format
 msgid "Cleaning build root ${UNIONFS_DIR} via unionfs ... "
 msgstr "unionfs 経由でビルドルート ${UNIONFS_DIR} をクリーニング中 ... "
 
-#: vbuilder.sh.in:482
+#: vbuilder.sh.in:504
 #, sh-format
 msgid "Cleaning build root ${BUILD_ROOT} ... "
 msgstr "ビルドルート ${BUILD_ROOT} をクリーニング中 ... "
 
-#: vbuilder.sh.in:488
+#: vbuilder.sh.in:510
 #, sh-format
 msgid "Cleanup a build farm for ${VERSION} done."
 msgstr "${VERSION} のビルドファームをクリーンアップしました。"
 
-#: vbuilder.sh.in:577
+#: vbuilder.sh.in:599
 #, sh-format
 msgid "Making a build farm for ${VERSION} done."
 msgstr "${VERSION} のビルドファームを構築しました。"
 
-#: vbuilder.sh.in:597
+#: vbuilder.sh.in:619
 #, sh-format
 msgid "E: $RPM_PKG is not a package name"
 msgstr "E: $RPM_PKG はパッケージ名でありません"
 
-#: vbuilder.sh.in:637
+#: vbuilder.sh.in:659
 #, sh-format
 msgid "E: $RPM_PKG is not a source RPM package"
 msgstr "E: $RPM_PKG はソース RPM パッケージでありません"
 
 #. # copy built rpms to ${HOME}/rpm/ for each archtectures
-#: vbuilder.sh.in:660
+#: vbuilder.sh.in:682
 #, sh-format
 msgid "Copying built rpms to ${BUILT_RPMS_DIR} for each archtectures ... "
 msgstr ""
 "各アーキテクチャに対して、ビルドされた rpm ファイルを ${BUILT_RPMS_DIR} にコ"
 "ピーしています ... "
 
-#: vbuilder.sh.in:687
+#: vbuilder.sh.in:712
+#, sh-format
+msgid "W: \\$SUDO_USER and \\$USERHELPER_UID are empty"
+msgstr "W: \\$SUDO_USER と \\$USERHELPER_UID は空です"
+
+#: vbuilder.sh.in:717
 #, sh-format
-msgid "W: \\$SUDO_USER is empty"
-msgstr "W: \\$SUDO_USER が空です"
+msgid "Signing built rpms using ${RPM_SIGN_USER}'s key: "
+msgstr "${RPM_SIGN_USER} の鍵を用いてビルドされた rpm ファイルを署名します: "
 
 #: vbootstrap/scripts/4.2.sh:9 vbootstrap/scripts/4.2_i386.sh:9
 #: vbootstrap/scripts/5.2.sh:9 vbootstrap/scripts/5.2_i386.sh:9

+ 35 - 24
po/vbootstrap.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2011-01-19 03:30+0900\n"
+"POT-Creation-Date: 2011-02-09 02:14+0900\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -38,28 +38,28 @@ msgstr ""
 msgid "vboostrap done."
 msgstr ""
 
-#: vbuilder.sh.in:66 vbuilder.sh.in:73
+#: vbuilder.sh.in:67 vbuilder.sh.in:74
 msgid "E: You can give no more options after actions"
 msgstr ""
 
-#: vbuilder.sh.in:85 vbuilder.sh.in:99 vbuilder.sh.in:102
+#: vbuilder.sh.in:86 vbuilder.sh.in:100 vbuilder.sh.in:103
 msgid "E: Missing some parameters after $1"
 msgstr ""
 
-#: vbuilder.sh.in:93
+#: vbuilder.sh.in:94
 msgid "E: You must give at least one action"
 msgstr ""
 
-#: vbuilder.sh.in:165 vbuilder.sh.in:169
+#: vbuilder.sh.in:166 vbuilder.sh.in:170
 msgid "E: arch ${VARCH} is NOT supported on $(uname -i)"
 msgstr ""
 
-#: vbuilder.sh.in:176 vbuilder.sh.in:187
+#: vbuilder.sh.in:177 vbuilder.sh.in:188
 #, sh-format
 msgid "E: ${VERSION} is NOT supported"
 msgstr ""
 
-#: vbuilder.sh.in:194
+#: vbuilder.sh.in:195
 #, sh-format
 msgid "E: version ${VERSION} does not support --dist-upgrade option"
 msgstr ""
@@ -67,72 +67,83 @@ msgstr ""
 #. # "test" category only exists in VineSeed
 #. #!! "proposed-updates" category does not exist in 4.2
 #. # "security" category does not exist in VineSeed
-#: vbuilder.sh.in:219 vbuilder.sh.in:225 vbuilder.sh.in:232 vbuilder.sh.in:236
+#: vbuilder.sh.in:220 vbuilder.sh.in:226 vbuilder.sh.in:233 vbuilder.sh.in:237
 #, sh-format
 msgid "E: No such category exists: $cat"
 msgstr ""
 
-#: vbuilder.sh.in:245
+#: vbuilder.sh.in:246
 #, sh-format
 msgid "E: rpm build target ${TARGET} is NOT supported"
 msgstr ""
 
-#: vbuilder.sh.in:298
+#: vbuilder.sh.in:299
 msgid "apt-get update on host ... "
 msgstr ""
 
-#: vbuilder.sh.in:300 vbuilder.sh.in:305 vbuilder.sh.in:359 vbuilder.sh.in:478
-#: vbuilder.sh.in:484 vbuilder.sh.in:679
+#: vbuilder.sh.in:301 vbuilder.sh.in:306 vbuilder.sh.in:342 vbuilder.sh.in:365
+#: vbuilder.sh.in:500 vbuilder.sh.in:506 vbuilder.sh.in:701
 msgid "done."
 msgstr ""
 
-#: vbuilder.sh.in:303
+#: vbuilder.sh.in:304
 msgid "apt-get update on chroot ... "
 msgstr ""
 
-#: vbuilder.sh.in:357
-msgid "Retry lazy unmount ... "
+#: vbuilder.sh.in:340
+#, sh-format
+msgid "Retry lazy unmount ${BUILD_ROOT}${fs} ... "
+msgstr ""
+
+#: vbuilder.sh.in:363
+#, sh-format
+msgid "Retry lazy unmount ${BUILD_ROOT} ... "
 msgstr ""
 
-#: vbuilder.sh.in:476
+#: vbuilder.sh.in:498
 #, sh-format
 msgid "Cleaning build root ${UNIONFS_DIR} via unionfs ... "
 msgstr ""
 
-#: vbuilder.sh.in:482
+#: vbuilder.sh.in:504
 #, sh-format
 msgid "Cleaning build root ${BUILD_ROOT} ... "
 msgstr ""
 
-#: vbuilder.sh.in:488
+#: vbuilder.sh.in:510
 #, sh-format
 msgid "Cleanup a build farm for ${VERSION} done."
 msgstr ""
 
-#: vbuilder.sh.in:577
+#: vbuilder.sh.in:599
 #, sh-format
 msgid "Making a build farm for ${VERSION} done."
 msgstr ""
 
-#: vbuilder.sh.in:597
+#: vbuilder.sh.in:619
 #, sh-format
 msgid "E: $RPM_PKG is not a package name"
 msgstr ""
 
-#: vbuilder.sh.in:637
+#: vbuilder.sh.in:659
 #, sh-format
 msgid "E: $RPM_PKG is not a source RPM package"
 msgstr ""
 
 #. # copy built rpms to ${HOME}/rpm/ for each archtectures
-#: vbuilder.sh.in:660
+#: vbuilder.sh.in:682
 #, sh-format
 msgid "Copying built rpms to ${BUILT_RPMS_DIR} for each archtectures ... "
 msgstr ""
 
-#: vbuilder.sh.in:687
+#: vbuilder.sh.in:712
+#, sh-format
+msgid "W: \\$SUDO_USER and \\$USERHELPER_UID are empty"
+msgstr ""
+
+#: vbuilder.sh.in:717
 #, sh-format
-msgid "W: \\$SUDO_USER is empty"
+msgid "Signing built rpms using ${RPM_SIGN_USER}'s key: "
 msgstr ""
 
 #: vbootstrap/scripts/4.2.sh:9 vbootstrap/scripts/4.2_i386.sh:9

+ 5 - 1
vbootstrap-vl.spec

@@ -1,7 +1,7 @@
 # This package is maintained on trac svn repository. Please do not change on local.
 # If you find a BUG, please report to Vine@vinelinux.org or mailing list or BTS.
 
-%define version 0.0.35
+%define version 0.0.36
 
 Summary: bootstrap scripts to create a basic Vine Linux system
 Summary(ja): Vine Linux の基本システムを作成するためのスクリプト
@@ -80,6 +80,10 @@ vbuilder は vbootstrap を利用して chroot 環境の構築し、
 
 
 %changelog
+* Wed Feb 09 2011 Munehiro Yamamoto <munepi@vinelinux.org> 0.0.36-1
+- updated vbuilder.sh.in
+  - improved RPM_Sign() to sign rpms under usermode
+
 * Wed Jan 19 2011 Munehiro Yamamoto <munepi@vinelinux.org> 0.0.35-1
 - updated po translations
 - updated vbuilder.sh.in, vbuilder-bash-completion.sh

+ 42 - 18
vbuilder.sh.in

@@ -5,6 +5,7 @@ TEXTDOMAIN=vbootstrap
 TEXTDOMAINDIR=/usr/share/locale
 
 Usage(){
+    set
     cat<<EOF
 Usage:	$(basename $0) {--version [version]} {--arch [arch]} {--category [categories]} {--dist-upgrade} {--target [target]} {--with-compat32} {--rpmbuild-define [macro_expr]} {--rpmbuild-with [bcond_with]} {--rpmbuild-without [bcond_with]} {--sign} {--no-install} {--bootstrap-dir [directory]} {--cache-dir [directory]} {--built-rpms-dir [directory]} {clean|build|build-rpm [src.rpm]|install-rpm [arch.rpm|package]|remove-rpm [package]|show-info}
 
@@ -342,12 +343,12 @@ mount-chroot-umount(){
 	    fi
 	    ;;
 	vfs)
-	    for dir in /sys /proc /dev/shm /dev/pts /dev; do
-	    	mount-chroot-umount ${dir} || return 1
-	    done
-	    # [ -d ${BUILD_ROOT}/proc ] || return 1
-	    # [ -z "$(mount | grep ${BUILD_ROOT}/proc)" ] || \
-	    # 	umount ${BUILD_ROOT}/proc
+	    # for dir in /sys /proc /dev/shm /dev/pts /dev; do
+	    # 	mount-chroot-umount ${dir} || return 1
+	    # done
+	    [ -d ${BUILD_ROOT}/proc ] || return 1
+	    [ -z "$(mount | grep ${BUILD_ROOT}/proc)" ] || \
+	    	umount ${BUILD_ROOT}/proc
 	    ;;
 	archives_dir)
 	    [ -d ${ARCHIVES_DIR} ] || return 1
@@ -393,10 +394,10 @@ mount-chroot-mount(){
 		mount ${mnt_opts} ${fs} ${BUILD_ROOT}${fs}
 	    ;;
 	vfs)
-	    for dir in /dev /dev/pts /dev/shm /proc /sys; do
-	    	mount-chroot-mount ${dir} || return 1
-	    done
-	    # mount-chroot-mount /proc || return 1
+	    # for dir in /dev /dev/pts /dev/shm /proc /sys; do
+	    # 	mount-chroot-mount ${dir} || return 1
+	    # done
+	    mount-chroot-mount /proc || return 1
 	    ;;
 	archives_dir)
 	    [ -d ${EXTERNAL_ARCHIVES_DIR} ] || mkdir -p ${EXTERNAL_ARCHIVES_DIR}
@@ -460,6 +461,22 @@ EOF
     return 0
 }
 
+## user_from_uid [uid]
+user_from_uid () {
+    ## check whether or not $1 is a number
+    ! echo $1 | egrep -q '[^0-9]' || return 1
+    
+    # look for the corresponding name in /etc/passwd
+    local IFS=":"
+    while read name x uid the_rest; do
+        [ "$1" = "$uid" ] && echo "$name" && return 0
+    done < /etc/passwd
+
+    # if nothing was found, return false
+    return 1
+}
+
+
 ##############################################################################
 
 Clean(){
@@ -554,11 +571,11 @@ Build(){
 
     $__chroot_sh 'apt-get -qq -y install etcskel shadow-utils'
 
-    #$__chroot_sh 'cd /dev && /sbin/MAKEDEV console'
-    #$__chroot_sh 'cd /dev && /sbin/MAKEDEV null'
-    #$__chroot_sh 'cd /dev && /sbin/MAKEDEV zero'
-    #$__chroot_sh 'cd /dev && /sbin/MAKEDEV random'
-    #$__chroot_sh 'cd /dev && /sbin/MAKEDEV urandom'
+    $__chroot_sh 'cd /dev && /sbin/MAKEDEV console'
+    $__chroot_sh 'cd /dev && /sbin/MAKEDEV null'
+    $__chroot_sh 'cd /dev && /sbin/MAKEDEV zero'
+    $__chroot_sh 'cd /dev && /sbin/MAKEDEV random'
+    $__chroot_sh 'cd /dev && /sbin/MAKEDEV urandom'
 
     $__chroot_sh '/usr/sbin/pwconv'
     $__chroot_sh "/usr/sbin/useradd ${BUILD_USER}"
@@ -688,10 +705,17 @@ RPM_Build(){
 RPM_Sign(){
     [ $with_sign -eq 1 ] || return 1
 
-    [ -z "${SUDO_USER}" ] && \
-	echo $"W: \$SUDO_USER is empty" && return 1
+    local RPM_SIGN_USER=$SUDO_USER
+    if [ -z "${RPM_SIGN_USER}" ]; then
+	RPM_SIGN_USER=$(user_from_uid $USERHELPER_UID)
+	if [ -z "${RPM_SIGN_USER}" ]; then
+	    echo $"W: \$SUDO_USER and \$USERHELPER_UID are empty"
+	    return 1
+	fi
+    fi
 
-    su ${SUDO_USER} -c "rpm --addsign $(for i in $RPM_PKG_ARCH_LIST; do find $BUILD_ROOT${BUILD_DIR}/${i} -type f -regex '.*\.rpm' 2>/dev/null; done | sed -e s,$BUILD_ROOT${BUILD_DIR},${BUILT_RPMS_DIR}/${MAJOR_VERSION},g -e 's/$/ \\/g')"
+    echo $"Signing built rpms using ${RPM_SIGN_USER}'s key: "
+    su $RPM_SIGN_USER -c "rpm --addsign $(for i in $RPM_PKG_ARCH_LIST; do find $BUILD_ROOT${BUILD_DIR}/${i} -type f -regex '.*\.rpm' 2>/dev/null; done | sed -e s,$BUILD_ROOT${BUILD_DIR},${BUILT_RPMS_DIR}/${MAJOR_VERSION},g -e 's/$/ \\/g')"
 
     return 0
 }