From 2da65f64adfbce72671cdd7e482b55f1f83d135d Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sat, 26 Nov 2022 21:18:15 +0200 Subject: mkarchiso: check if the code signing files specified with option -c exist Look for the files in `*_validate_options` and error out early if they do not exist. --- CHANGELOG.rst | 1 + archiso/mkarchiso | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 4fa88db..400628a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -15,6 +15,7 @@ Changed - Check if the GPG public key file was successfully placed in the work directory before trying to use it. - Open the file descriptors for code signing certificates and GPG public key as read only. Nothing from the within the ``pacstrap`` invoked chroot should ever be allowed to write outside of it. +- Error out early if any of the code signing certificate files passed with option ``-c`` do not exist. Removed ------- diff --git a/archiso/mkarchiso b/archiso/mkarchiso index 7a3fd1c..8449f51 100755 --- a/archiso/mkarchiso +++ b/archiso/mkarchiso @@ -1522,7 +1522,7 @@ _read_profile() { # Validate set options _validate_options() { - local validation_error=0 _buildmode + local validation_error=0 _buildmode certfile _msg_info "Validating options..." @@ -1532,6 +1532,14 @@ _validate_options() { _msg_error "File '${pacman_conf}' does not exist." 0 fi + # Check if the code signing certificate files exist + for certfile in "${cert_list[@]}"; do + if [[ ! -e "$certfile" ]]; then + (( validation_error=validation_error+1 )) + _msg_error "Code signing certificate '${certfile}' does not exist." 0 + fi + done + # Check if the specified buildmodes are supported for _buildmode in "${buildmodes[@]}"; do if typeset -f "_build_buildmode_${_buildmode}" &> /dev/null; then -- cgit v1.2.3-70-g09d2