From 22308fbfb540b5215efb9ce96a4dfdce08ef9165 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 18 Oct 2012 15:16:05 -0400 Subject: [PATCH 36/42] Make the macros use the default (fedora) signer if there's a daemon running. Signed-off-by: Peter Jones --- src/macros.pesign | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/macros.pesign b/src/macros.pesign index 7706050..fb9d21e 100644 --- a/src/macros.pesign +++ b/src/macros.pesign @@ -10,13 +10,22 @@ %__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"} %_pesign /usr/bin/pesign +%_pesign_client /usr/bin/pesign-client %pesign(i:o:C:e:s) \ if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \ - %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \ + if [ -e /var/run/pesign/socket ]; then \ + %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\ + -c "/CN=Fedora Secure Boot Signer" \\\ + %{-i} %{-o} %{-e} %{-s} \ + else \ + %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \ + fi \ else \ if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \ mv %{-i*} %{-o*} \ + elif [ -n "%{-i*}" -a -n "%{-e*}" ]; then \ + touch %{-e*} \ fi \ fi ; -- 1.7.12.1