authornl6720 <nl6720@gmail.com>2021-08-03 21:12:25 +0300
committernl6720 <nl6720@gmail.com>2021-08-25 00:26:07 +0300
commit59dffcf11a3e7d55e4d9171ba2b4a2d0bd262368 (patch)
treef851f53f193c257a8edb8b959d614322448dc79f /archiso
parentea9572b98e7648bc090e240798244656662e2a09 (diff)
mkarchiso: support setting gpg sender
Add a new -G option to set gpg's --sender. This makes it possible to see who signed the rootfs image without needing to import the gpg key from the keyring in initramfs.
Diffstat (limited to 'archiso')
-rwxr-xr-xarchiso/mkarchiso17
1 files changed, 13 insertions, 4 deletions
diff --git a/archiso/mkarchiso b/archiso/mkarchiso
index 0a46fd6..a77d3d9 100755
--- a/archiso/mkarchiso
+++ b/archiso/mkarchiso
@@ -19,6 +19,7 @@ quiet=""
work_dir=""
out_dir=""
gpg_key=""
+gpg_sender=""
iso_name=""
iso_label=""
iso_publisher=""
@@ -88,7 +89,10 @@ usage: ${app_name} [options] <profile_dir>
Multiple files are provided as quoted, space delimited list.
The first file is considered as the signing certificate,
the second as the key.
- -g <gpg_key> Set the PGP key ID to be used for signing the rootfs image
+ -g <gpg_key> Set the PGP key ID to be used for signing the rootfs image.
+ Passed to gpg as the value for --default-key
+ -G <mbox> Set the PGP signer (must include an email address)
+ Passed to gpg as the value for --sender
-h This message
-m [mode ..] Build mode(s) to use (valid modes are: 'bootstrap', 'iso' and 'netboot').
Multiple build modes are provided as quoted, space delimited list.
@@ -119,6 +123,7 @@ _show_config() {
_msg_info " Current build mode: ${buildmode}"
_msg_info " Build modes: ${buildmodes[*]}"
_msg_info " GPG key: ${gpg_key:-None}"
+ _msg_info " GPG signer: ${gpg_sender:-None}"
_msg_info "Code signing certificates: ${cert_list[*]}"
_msg_info " Profile: ${profile}"
_msg_info "Pacman configuration file: ${pacman_conf}"
@@ -238,7 +243,7 @@ _mkchecksum() {
# GPG sign the root file system image.
_mksignature() {
- local airootfs_image_filename
+ local airootfs_image_filename gpg_options=()
_msg_info "Signing rootfs image..."
if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
airootfs_image_filename="${isofs_dir}/${install_dir}/${arch}/airootfs.sfs"
@@ -246,9 +251,11 @@ _mksignature() {
airootfs_image_filename="${isofs_dir}/${install_dir}/${arch}/airootfs.erofs"
fi
rm -f -- "${airootfs_image_filename}.sig"
+ # Add gpg sender option if the value is provided
+ [[ -z "${gpg_sender}" ]] || gpg_options+=('--sender' "${gpg_sender}")
# always use the .sig file extension, as that is what mkinitcpio-archiso's hooks expect
gpg --batch --no-armor --no-include-key-block --output "${airootfs_image_filename}.sig" --detach-sign \
- --default-key "${gpg_key}" "${airootfs_image_filename}"
+ --default-key "${gpg_key}" "${gpg_options[@]}" "${airootfs_image_filename}"
_msg_info "Done!"
}
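Review bot: The value given to `--sender` in `_mksignature` is whatever the caller passed with `-G`, and nothing in this function checks that it corresponds to a user ID on `gpg_key`. As far as I know gpg records it in the signature's Signer's User ID subpacket, so anyone reading the signer name from the `.sig` file without the public key is reading a claim that has not been verified; it only becomes trustworthy once the signature is checked against a trusted key. I would say so next to the new line, e.g. `# --sender only labels the signature; the signer is authenticated by verifying against a trusted key, not by this field`. The start of `_mksignature` and the `gpg_options=()` declaration are in the previous hunk.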
@@ -1111,6 +1118,7 @@ _set_overrides() {
install_dir="${app_name}"
fi
[[ ! -v override_gpg_key ]] || gpg_key="$override_gpg_key"
+ [[ ! -v override_gpg_sender ]] || gpg_sender="$override_gpg_sender"
if [[ -v override_cert_list ]]; then
sign_netboot_artifacts="y"
fi
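Review bot: `override_gpg_sender` is copied into `gpg_sender` here with no check, although the usage text added in this commit says the value must include an email address. A malformed value is left for gpg to reject at signing time, which presumably happens after most of the build has run, and a `-G` given without `-g` looks like it would be silently ignored if signing is gated on `gpg_key` (not visible in this diff). A guard wherever options are validated, such as `[[ -z "${gpg_sender}" || "${gpg_sender}" == *@* ]]` followed by an error exit, would fail early. The body of `_set_overrides` continues outside this hunk.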
@@ -1261,7 +1269,7 @@ _build() {
done
}
-while getopts 'c:p:C:L:P:A:D:w:m:o:g:vh?' arg; do
+while getopts 'c:p:C:L:P:A:D:w:m:o:g:G:vh?' arg; do
case "${arg}" in
p) read -r -a override_pkg_list <<< "${OPTARG}" ;;
C) override_pacman_conf="${OPTARG}" ;;
@@ -1274,6 +1282,7 @@ while getopts 'c:p:C:L:P:A:D:w:m:o:g:vh?' arg; do
m) read -r -a override_buildmodes <<< "${OPTARG}" ;;
o) override_out_dir="${OPTARG}" ;;
g) override_gpg_key="${OPTARG}" ;;
+ G) override_gpg_sender="${OPTARG}" ;;
v) override_quiet="n" ;;
h|?) _usage 0 ;;
*)