e9b8bb7577
All the kernel builds started failing yesterday because the signing token could not be found. Update the token name in the macro shipped by pesign.
44 lines
1.7 KiB
Diff
44 lines
1.7 KiB
Diff
From 025eb8aea94761fdc45507b6192aafdef80d4842 Mon Sep 17 00:00:00 2001
|
|
From: Peter Jones <pjones@redhat.com>
|
|
Date: Wed, 9 Aug 2017 17:31:31 -0400
|
|
Subject: [PATCH 28/29] rpm: Make the client signer use the fedora values
|
|
unless overridden
|
|
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
---
|
|
src/macros.pesign | 9 ++++++---
|
|
1 file changed, 6 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/macros.pesign b/src/macros.pesign
|
|
index 69280e9..22a3ee6 100644
|
|
--- a/src/macros.pesign
|
|
+++ b/src/macros.pesign
|
|
@@ -9,6 +9,9 @@
|
|
%__pesign_token %{nil}%{?pe_signing_token:-t "%{pe_signing_token}"}
|
|
%__pesign_cert %{!?pe_signing_cert:"Red Hat Test Certificate"}%{?pe_signing_cert:"%{pe_signing_cert}"}
|
|
|
|
+%__pesign_client_token %{!?pe_signing_token:"OpenSC Card (Fedora Signer)"}%{?pe_signing_token:"%{pe_signing_token}"}
|
|
+%__pesign_client_cert %{!?pe_signing_cert:"/CN=Fedora Secure Boot Signer"}%{?pe_signing_cert:"%{pe_signing_cert}"}
|
|
+
|
|
%_pesign /usr/bin/pesign
|
|
%_pesign_client /usr/bin/pesign-client
|
|
|
|
@@ -41,11 +44,11 @@
|
|
--certdir ${nss} -c signer %{-o} \
|
|
rm -rf ${sattrs} ${sattrs}.sig ${nss} \
|
|
elif [ -S /var/run/pesign/socket ]; then \
|
|
- %{_pesign_client} -t %{__pesign_token} \\\
|
|
- -c %{__pesign_cert} \\\
|
|
+ %{_pesign_client} -t %{__pesign_client_token} \\\
|
|
+ -c %{__pesign_client_cert} \\\
|
|
%{-i} %{-o} %{-e} %{-s} %{-C} \
|
|
else \
|
|
- %{_pesign} -t %{__pesign_token} -c %{__pesign_cert} \\\
|
|
+ %{_pesign} %{__pesign_token} -c %{__pesign_cert} \\\
|
|
--certdir ${_pesign_nssdir} \\\
|
|
%{-i} %{-o} %{-e} %{-s} %{-C} \
|
|
fi \
|
|
--
|
|
2.13.4
|
|
|