git: cc5b590ab296 - main - security/archlinux-keyring: update to 20230504
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 10 Jun 2023 07:12:28 UTC
The branch main has been updated by vishwin: URL: https://cgit.FreeBSD.org/ports/commit/?id=cc5b590ab296644da3ad80c687227f7282be31f2 commit cc5b590ab296644da3ad80c687227f7282be31f2 Author: Charlie Li <vishwin@FreeBSD.org> AuthorDate: 2023-06-10 07:07:19 +0000 Commit: Charlie Li <vishwin@FreeBSD.org> CommitDate: 2023-06-10 07:07:19 +0000 security/archlinux-keyring: update to 20230504 Now uses sequoia-sq to generate the keyring. Also run-depend on archlinux-pacman to initialise/populate/update the keyring on the target such that the official Arch Linux pacman repositories verify PGP signatures properly. Event: SouthEast LinuxFest 2023 --- security/archlinux-keyring/Makefile | 29 ++++++++++++++++++---- security/archlinux-keyring/distinfo | 6 ++--- .../files/archlinux-keyring.ucl.in | 29 ++++++++++++++++++++++ security/archlinux-keyring/files/patch-Makefile | 26 +++++++++++++++++++ 4 files changed, 82 insertions(+), 8 deletions(-) diff --git a/security/archlinux-keyring/Makefile b/security/archlinux-keyring/Makefile index 223b2066b3c1..061fa418ac7d 100644 --- a/security/archlinux-keyring/Makefile +++ b/security/archlinux-keyring/Makefile @@ -1,19 +1,38 @@ PORTNAME= archlinux-keyring -DISTVERSION= 20211028 +DISTVERSION= 20230504 CATEGORIES= security -MASTER_SITES= https://sources.archlinux.org/other/${PORTNAME}/ -MAINTAINER= vishwin@vishwin.info +MAINTAINER= vishwin@FreeBSD.org COMMENT= Arch Linux PGP keyring WWW= https://gitlab.archlinux.org/archlinux/archlinux-keyring/ -LICENSE= GPLv2+ +LICENSE= GPLv3+ + +BUILD_DEPENDS= sq:security/sequoia-sq \ + ginstall:sysutils/coreutils \ + bash:shells/bash +RUN_DEPENDS= bash:shells/bash \ + pacman-key:sysutils/pacman@archlinux + +USES= gmake pkgconfig python shebangfix trigger +SHEBANG_FILES= keyringctl wkd_sync +BINARY_ALIAS= install=ginstall + +USE_GITLAB= yes +GL_SITE= https://gitlab.archlinux.org +GL_ACCOUNT= archlinux +GL_COMMIT= f7749fd39c019922d504a43b7e94ceef6ae9e0ff -NO_BUILD= yes NO_ARCH= yes PLIST_FILES= share/pacman/keyrings/archlinux-revoked \ share/pacman/keyrings/archlinux-trusted \ share/pacman/keyrings/archlinux.gpg +post-patch: + @${REINPLACE_CMD} -e 's|/bin|$(PREFIX)/bin|' ${WRKSRC}/Makefile + +pre-install: + ${MKDIR} ${STAGEDIR}${PREFIX}/share/pacman/keyrings + .include <bsd.port.mk> diff --git a/security/archlinux-keyring/distinfo b/security/archlinux-keyring/distinfo index 3249d47e2277..ea86297a5d2d 100644 --- a/security/archlinux-keyring/distinfo +++ b/security/archlinux-keyring/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1640127917 -SHA256 (archlinux-keyring-20211028.tar.gz) = 3d7fba47441173dfab6eec1cebf9fce4151277f6e06513e2150ccd9d71691cbc -SIZE (archlinux-keyring-20211028.tar.gz) = 1041081 +TIMESTAMP = 1685311318 +SHA256 (archlinux-archlinux-keyring-f7749fd39c019922d504a43b7e94ceef6ae9e0ff_GL0.tar.gz) = 292b16790c66f858a475862656bd1e9a1d6b474e0d2178dd86a8863186f0c165 +SIZE (archlinux-archlinux-keyring-f7749fd39c019922d504a43b7e94ceef6ae9e0ff_GL0.tar.gz) = 1566790 diff --git a/security/archlinux-keyring/files/archlinux-keyring.ucl.in b/security/archlinux-keyring/files/archlinux-keyring.ucl.in new file mode 100644 index 000000000000..ce622abb06c5 --- /dev/null +++ b/security/archlinux-keyring/files/archlinux-keyring.ucl.in @@ -0,0 +1,29 @@ +path_glob: %%LOCALBASE%%/share/pacman/keyrings +cleanup: { + type: lua + sandbox: false + script: <<EOS +function cleanup(directory) + for _,d in ipairs(pkg.readdir(directory)) do + local full_path = directory .. "/" .. d + local stat = pkg.stat(full_path) + if stat["type"] == "dir" then + cleanup(full_path) + end + os.remove(full_path) + end + os.remove(directory) +end + +cleanup("%%LOCALBASE%%/etc/pacman.d/gnupg") +EOS +} +trigger: { + type: lua + sandbox: false + script: <<EOS +pkg.exec({"pacman-key", "--init"}) +pkg.exec({"pacman-key", "--populate", "archlinux"}) +pkg.exec({"pacman-key", "--updatedb"}) +EOS +} diff --git a/security/archlinux-keyring/files/patch-Makefile b/security/archlinux-keyring/files/patch-Makefile new file mode 100644 index 000000000000..c444ed75eecf --- /dev/null +++ b/security/archlinux-keyring/files/patch-Makefile @@ -0,0 +1,26 @@ +--- Makefile.orig 2023-05-02 19:14:05 UTC ++++ Makefile +@@ -51,22 +51,11 @@ clean: + clean: + rm -rf $(BUILD_DIR) $(WKD_BUILD_DIR) + +-install: build wkd_sync_service ++install: build + install -vDm 644 build/{$(KEYRING_FILE),$(KEYRING_REVOKED_FILE),$(KEYRING_TRUSTED_FILE)} -t $(DESTDIR)$(KEYRING_TARGET_DIR) +- install -vDm 755 wkd_sync/$(WKD_SYNC_SCRIPT) -t $(DESTDIR)$(SCRIPT_TARGET_DIR) +- install -vDm 644 build/$(WKD_SYNC_SERVICE) -t $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR) +- install -vDm 644 wkd_sync/$(WKD_SYNC_TIMER) -t $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR) +- install -vdm 755 $(DESTDIR)$(SYSTEMD_TIMER_DIR) +- ln -fsv ../$(WKD_SYNC_TIMER) $(DESTDIR)$(SYSTEMD_TIMER_DIR)/$(WKD_SYNC_TIMER) + + uninstall: + rm -fv $(DESTDIR)$(KEYRING_TARGET_DIR)/{$(KEYRING_FILE),$(KEYRING_REVOKED_FILE),$(KEYRING_TRUSTED_FILE)} + rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(KEYRING_TARGET_DIR) +- rm -v $(DESTDIR)$(SCRIPT_TARGET_DIR)/$(WKD_SYNC_SCRIPT) +- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SCRIPT_TARGET_DIR) +- rm -v $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR)/{$(WKD_SYNC_SERVICE),$(WKD_SYNC_TIMER)} +- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR) +- rm -v $(DESTDIR)$(SYSTEMD_TIMER_DIR)/$(WKD_SYNC_TIMER) +- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SYSTEMD_TIMER_DIR) + + .PHONY: all lint fmt check test clean install uninstall wkd wkd_inspect