#!/bin/bash
# Build a .deb package that installs a GnuPG keyring into
# /etc/apt/trusted.gpg.d/.
#
# syntax: $0 -p <packagename> [-a "author <email>"] [-k "my-keyring-filename.gpg"] [-d <destdir for package>] [-v <packageversion>] [--] <keyfiles...>
set -e

# Directory of this script with symlinks resolved; used to find the helper.
script_path=$(readlink -f "$0")
selfdir=$(dirname "${script_path}")

# Private scratch directory, removed again on every exit path.
tmpdir=$(mktemp --tmpdir -d create-gpgring-package-XXXXXXX)
trap 'rm -rf "${tmpdir}"' EXIT

# Option state filled in by the argument parser.
unset KEYFILES
KEYFILES=()
PACKAGENAME= PACKAGEAUTHOR= KEYRING= PACKAGEVERSION=
DESTDIR=.

# Prefer the helper that sits next to this script. Otherwise the bare name is
# kept and the shell looks it up on PATH when it is invoked; since the helper
# produces the keyring that apt will trust, PATH has to be trustworthy then.
CreateKeyring="${selfdir}/create-gpgring.sh"
[ -x "${CreateKeyring}" ] || CreateKeyring=create-gpgring.sh
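#######################################
# Parse the command line into the option globals.
# Globals:   PACKAGENAME, PACKAGEAUTHOR, KEYRING, PACKAGEVERSION, DESTDIR,
#            KEYFILES (all written)
# Arguments: the script's command-line arguments
# Outputs:   error messages on stderr
# Exits:     2 on a missing option value, a repeated option or an unknown
#            option
#######################################
parse_args() {
  while [ $# -gt 0 ]; do
    case "$1" in
      -p)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -p" >&2
          exit 2
        fi
        if [ -n "${PACKAGENAME}" ]; then
          echo "Already have a package name: '${PACKAGENAME}'" >&2
          exit 2
        fi
        PACKAGENAME="$1"
        ;;
      -a)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -a" >&2
          exit 2
        fi
        if [ -n "${PACKAGEAUTHOR}" ]; then
          echo "Already have a package author: '${PACKAGEAUTHOR}'" >&2
          exit 2
        fi
        PACKAGEAUTHOR="$1"
        ;;
      -k)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -k" >&2
          exit 2
        fi
        if [ -n "${KEYRING}" ]; then
          echo "Already have a keyring filename: '${KEYRING}'" >&2
          exit 2
        fi
        KEYRING="$1"
        ;;
      -d)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -d" >&2
          exit 2
        fi
        # "." is the initial value, so anything else means -d was already seen.
        if [ "${DESTDIR}" != "." ]; then
          echo "Already have a destination directory: '${DESTDIR}'" >&2
          exit 2
        fi
        DESTDIR="$1"
        ;;
      -v)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -v" >&2
          exit 2
        fi
        # PACKAGEVERSION starts out empty. The previous comparison against "."
        # was therefore always true and rejected every use of -v.
        if [ -n "${PACKAGEVERSION}" ]; then
          echo "Already have a package version: '${PACKAGEVERSION}'" >&2
          exit 2
        fi
        PACKAGEVERSION="$1"
        ;;
      --)
        # Everything after "--" is a key file, even if it starts with "-".
        shift
        KEYFILES+=("$@")
        shift $#
        ;;
      -*)
        echo "Uknown option: '$1'" >&2
        exit 2
        ;;
      *)
        KEYFILES+=("$1")
        ;;
    esac
    # After "--" nothing is left to shift; that is not an error.
    shift || true
  done
}

parse_args "$@"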
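# Validate the required inputs and fill in defaults for the optional ones.
if [ -z "${PACKAGENAME}" ]; then
  echo "Need a package name (-p <...>)" >&2
  exit 2
fi
if [ -z "${KEYFILES[*]}" ]; then
  echo "No key files specified" >&2
  exit 2
fi
if [ -z "${PACKAGEVERSION}" ]; then
  # Default version: build timestamp with minute resolution.
  PACKAGEVERSION=$(date +%Y%m%d%H%M)
fi
if [ -z "${PACKAGEAUTHOR}" ]; then
  PACKAGEAUTHOR="${USER} <${USER}@$(hostname -f)>"
fi
if [ -z "${KEYRING}" ]; then
  KEYRING="${PACKAGENAME}"
fi
# Enforce the .gpg extension. The previous test used "${KEYRING:-4}", which is
# the "default value" expansion rather than a substring, so it appended ".gpg"
# even to names that already ended in it.
case "${KEYRING}" in
  *.gpg) ;;
  *) KEYRING="${KEYRING}.gpg" ;;
esac
# NOTE(review): PACKAGENAME and KEYRING are used unchecked as path components
# and control-file values later in this script; a "/" or ".." in either would
# place files outside the intended directories of the package tree. Consider
# rejecting such values here.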
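# Lay out the package tree: control data, the keyring and the doc directory.
mkdir -p "${tmpdir}/pkg/DEBIAN" "${tmpdir}/pkg/etc/apt/trusted.gpg.d/" "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}"

# Build the keyring from ALL given key files. The previous "${KEYFILES}"
# expanded to the first array element only, silently dropping the rest.
# apt treats every key under /etc/apt/trusted.gpg.d/ as trusted for all
# configured sources, so review the key listing printed by the helper.
"${CreateKeyring}" -o "${tmpdir}/pkg/etc/apt/trusted.gpg.d/${KEYRING}" -- "${KEYFILES[@]}"

# Debian changelog entry; the leading whitespace and blank lines follow the
# Debian changelog format.
cat > "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}/changelog" <<EOF
${PACKAGENAME} (${PACKAGEVERSION}) unstable; urgency=low

  * Keyring from $(date +"%a, %d %b %Y %H:%M:%S %z")

 -- ${PACKAGEAUTHOR}  $(date +"%a, %d %b %Y %H:%M:%S %z")
EOF
gzip "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}/changelog"

# Installed-Size is the disk usage of the payload in KiB (grand total line).
PACKAGESIZE=$(du -ksc "${tmpdir}/pkg/etc" "${tmpdir}/pkg/usr" | tail -n1 | cut -f1)

# The extended description line must start with a space to be parsed as a
# continuation of the Description field.
cat >"${tmpdir}/pkg/DEBIAN/control" <<EOF
Package: ${PACKAGENAME}
Version: ${PACKAGEVERSION}
Architecture: all
Maintainer: ${PACKAGEAUTHOR}
Installed-Size: ${PACKAGESIZE}
Depends: gpgv
Recommends: gnupg
Breaks: apt (<< 0.7.25.1)
Section: misc
Priority: important
Multi-Arch: foreign
Description: GnuPG archive keys
 This package contains archive keys for apt.
EOF

# Register the keyring as a conffile of the package.
cat >"${tmpdir}/pkg/DEBIAN/conffiles" <<EOF
/etc/apt/trusted.gpg.d/${KEYRING}
EOF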
# Build the .deb inside the scratch directory, then move it to DESTDIR.
echo "Building package:"

# Non-root builds go through fakeroot.
build_cmd=(dpkg-deb --build "${tmpdir}/pkg" "${tmpdir}/")
if [ "$UID" -ne 0 ]; then
  build_cmd=(fakeroot -- "${build_cmd[@]}")
fi
"${build_cmd[@]}"

# The output directory was given to dpkg-deb, so the file name is looked up
# under the usual <name>_<version>_<arch>.deb pattern.
PACKAGEFILE="${PACKAGENAME}_${PACKAGEVERSION}_all.deb"
[ -f "${tmpdir}/${PACKAGEFILE}" ] || {
  echo "Cannot find package file - build failed?" >&2
  echo 'List of temporary files:' >&2
  ls -Rlisha "${tmpdir}" >&2
  exit 1
}
mv "${tmpdir}/${PACKAGEFILE}" "${DESTDIR}/"
#!/bin/bash
# Import key files into a fresh keyring file, using a throw-away GnuPG home.
#
# syntax: $0 [-o <keyring outfile>] [--] <keyfiles...>
# export a key from your keyring:
#   gpg -a --export --export-options export-minimal your@id
set -e

# All intermediate state lives in a private scratch directory that is removed
# on every exit path.
tmpdir=$(mktemp --tmpdir -d create-gpgring-XXXXXXX)
cleanup() {
  rm -rf "${tmpdir}"
}
trap cleanup EXIT
#######################################
# Run gpg in batch mode against state kept under the scratch directory, so
# the caller's own options file, default keyring and trust database are not
# used.
# Globals:   tmpdir (read)
# Arguments: further gpg arguments, passed through unchanged
# Returns:   gpg's exit status
#######################################
mygpg() {
  local -a isolation_opts=(
    --homedir "${tmpdir}/.gnupg"
    --batch
    --no-tty
    --no-options
    --no-default-keyring
    --no-auto-check-trustdb
    --trustdb-name "${tmpdir}/trustdb.gpg"
  )
  gpg "${isolation_opts[@]}" "$@"
}
# Command-line state: key files to import and the keyring output path.
unset INFILES
INFILES=()
OUTFILE=

while (( $# > 0 )); do
  case "$1" in
    -o)
      # -o needs a value right after it.
      if (( $# < 2 )); then
        echo "Missing parameter value for -o" >&2
        exit 2
      fi
      OUTFILE="$2"
      shift
      ;;
    --)
      # Everything after "--" is an input file, even if it starts with "-".
      shift
      INFILES+=("$@")
      break
      ;;
    -*)
      echo "Uknown option: '$1'" >&2
      exit 2
      ;;
    *)
      INFILES+=("$1")
      ;;
  esac
  shift
done
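# An empty or "-" output name means "write the keyring to stdout": it is
# staged in the scratch directory and streamed at the very end.
to_stdout=0
if [ -z "${OUTFILE}" ] || [ "${OUTFILE}" = "-" ]; then
  OUTFILE="${tmpdir}/stdout"
  to_stdout=1
fi

# No input files, or a lone "-", means "read the key material from stdin".
if [ -z "${INFILES[*]}" ] || [ "${INFILES[*]}" = "-" ]; then
  INFILES=("${tmpdir}/stdin")
  cat > "${INFILES[0]}"
fi

# Point HOME at the scratch directory as well, so nothing is read from or
# written to the invoking user's home.
export HOME="${tmpdir}"
KEYRING="${tmpdir}/keyring"
mygpg --keyring "${KEYRING}" --import -- "${INFILES[@]}"

# Show what was imported so the operator can check the keys before the
# keyring is shipped. In stdout mode the listing goes to stderr; previously
# it was written to stdout ahead of the keyring bytes and corrupted the
# stream.
if [ "${to_stdout}" -eq 1 ]; then
  mygpg --keyring "${KEYRING}" --list-keys >&2
else
  mygpg --keyring "${KEYRING}" --list-keys
fi

# NOTE(review): GnuPG 2.1 and later may create a new keyring file in keybox
# format, which apt is not expected to read from trusted.gpg.d - confirm the
# format of the result (e.g. with file(1)) on the gpg version in use.
mv -- "${KEYRING}" "${OUTFILE}"
if [ "${to_stdout}" -eq 1 ]; then
  cat "${tmpdir}/stdout"
fi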