git: cc5b590ab296 - main - security/archlinux-keyring: update to 20230504
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 10 Jun 2023 07:12:28 UTC
The branch main has been updated by vishwin:
URL: https://cgit.FreeBSD.org/ports/commit/?id=cc5b590ab296644da3ad80c687227f7282be31f2
commit cc5b590ab296644da3ad80c687227f7282be31f2
Author: Charlie Li <vishwin@FreeBSD.org>
AuthorDate: 2023-06-10 07:07:19 +0000
Commit: Charlie Li <vishwin@FreeBSD.org>
CommitDate: 2023-06-10 07:07:19 +0000
security/archlinux-keyring: update to 20230504
Now uses sequoia-sq to generate the keyring. Also run-depend on
archlinux-pacman to initialise/populate/update the keyring on the
target such that the official Arch Linux pacman repositories verify
PGP signatures properly.
Event: SouthEast LinuxFest 2023
---
security/archlinux-keyring/Makefile | 29 ++++++++++++++++++----
security/archlinux-keyring/distinfo | 6 ++---
.../files/archlinux-keyring.ucl.in | 29 ++++++++++++++++++++++
security/archlinux-keyring/files/patch-Makefile | 26 +++++++++++++++++++
4 files changed, 82 insertions(+), 8 deletions(-)
diff --git a/security/archlinux-keyring/Makefile b/security/archlinux-keyring/Makefile
index 223b2066b3c1..061fa418ac7d 100644
--- a/security/archlinux-keyring/Makefile
+++ b/security/archlinux-keyring/Makefile
@@ -1,19 +1,38 @@
PORTNAME= archlinux-keyring
-DISTVERSION= 20211028
+DISTVERSION= 20230504
CATEGORIES= security
-MASTER_SITES= https://sources.archlinux.org/other/${PORTNAME}/
-MAINTAINER= vishwin@vishwin.info
+MAINTAINER= vishwin@FreeBSD.org
COMMENT= Arch Linux PGP keyring
WWW= https://gitlab.archlinux.org/archlinux/archlinux-keyring/
-LICENSE= GPLv2+
+LICENSE= GPLv3+
+
+BUILD_DEPENDS= sq:security/sequoia-sq \
+ ginstall:sysutils/coreutils \
+ bash:shells/bash
+RUN_DEPENDS= bash:shells/bash \
+ pacman-key:sysutils/pacman@archlinux
+
+USES= gmake pkgconfig python shebangfix trigger
+SHEBANG_FILES= keyringctl wkd_sync
+BINARY_ALIAS= install=ginstall
+
+USE_GITLAB= yes
+GL_SITE= https://gitlab.archlinux.org
+GL_ACCOUNT= archlinux
+GL_COMMIT= f7749fd39c019922d504a43b7e94ceef6ae9e0ff
-NO_BUILD= yes
NO_ARCH= yes
PLIST_FILES= share/pacman/keyrings/archlinux-revoked \
share/pacman/keyrings/archlinux-trusted \
share/pacman/keyrings/archlinux.gpg
+post-patch:
+ @${REINPLACE_CMD} -e 's|/bin|$(PREFIX)/bin|' ${WRKSRC}/Makefile
+
+pre-install:
+ ${MKDIR} ${STAGEDIR}${PREFIX}/share/pacman/keyrings
+
.include <bsd.port.mk>
diff --git a/security/archlinux-keyring/distinfo b/security/archlinux-keyring/distinfo
index 3249d47e2277..ea86297a5d2d 100644
--- a/security/archlinux-keyring/distinfo
+++ b/security/archlinux-keyring/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1640127917
-SHA256 (archlinux-keyring-20211028.tar.gz) = 3d7fba47441173dfab6eec1cebf9fce4151277f6e06513e2150ccd9d71691cbc
-SIZE (archlinux-keyring-20211028.tar.gz) = 1041081
+TIMESTAMP = 1685311318
+SHA256 (archlinux-archlinux-keyring-f7749fd39c019922d504a43b7e94ceef6ae9e0ff_GL0.tar.gz) = 292b16790c66f858a475862656bd1e9a1d6b474e0d2178dd86a8863186f0c165
+SIZE (archlinux-archlinux-keyring-f7749fd39c019922d504a43b7e94ceef6ae9e0ff_GL0.tar.gz) = 1566790
diff --git a/security/archlinux-keyring/files/archlinux-keyring.ucl.in b/security/archlinux-keyring/files/archlinux-keyring.ucl.in
new file mode 100644
index 000000000000..ce622abb06c5
--- /dev/null
+++ b/security/archlinux-keyring/files/archlinux-keyring.ucl.in
@@ -0,0 +1,29 @@
+path_glob: %%LOCALBASE%%/share/pacman/keyrings
+cleanup: {
+ type: lua
+ sandbox: false
+ script: <<EOS
+function cleanup(directory)
+ for _,d in ipairs(pkg.readdir(directory)) do
+ local full_path = directory .. "/" .. d
+ local stat = pkg.stat(full_path)
+ if stat["type"] == "dir" then
+ cleanup(full_path)
+ end
+ os.remove(full_path)
+ end
+ os.remove(directory)
+end
+
+cleanup("%%LOCALBASE%%/etc/pacman.d/gnupg")
+EOS
+}
+trigger: {
+ type: lua
+ sandbox: false
+ script: <<EOS
+pkg.exec({"pacman-key", "--init"})
+pkg.exec({"pacman-key", "--populate", "archlinux"})
+pkg.exec({"pacman-key", "--updatedb"})
+EOS
+}
diff --git a/security/archlinux-keyring/files/patch-Makefile b/security/archlinux-keyring/files/patch-Makefile
new file mode 100644
index 000000000000..c444ed75eecf
--- /dev/null
+++ b/security/archlinux-keyring/files/patch-Makefile
@@ -0,0 +1,26 @@
+--- Makefile.orig 2023-05-02 19:14:05 UTC
++++ Makefile
+@@ -51,22 +51,11 @@ clean:
+ clean:
+ rm -rf $(BUILD_DIR) $(WKD_BUILD_DIR)
+
+-install: build wkd_sync_service
++install: build
+ install -vDm 644 build/{$(KEYRING_FILE),$(KEYRING_REVOKED_FILE),$(KEYRING_TRUSTED_FILE)} -t $(DESTDIR)$(KEYRING_TARGET_DIR)
+- install -vDm 755 wkd_sync/$(WKD_SYNC_SCRIPT) -t $(DESTDIR)$(SCRIPT_TARGET_DIR)
+- install -vDm 644 build/$(WKD_SYNC_SERVICE) -t $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR)
+- install -vDm 644 wkd_sync/$(WKD_SYNC_TIMER) -t $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR)
+- install -vdm 755 $(DESTDIR)$(SYSTEMD_TIMER_DIR)
+- ln -fsv ../$(WKD_SYNC_TIMER) $(DESTDIR)$(SYSTEMD_TIMER_DIR)/$(WKD_SYNC_TIMER)
+
+ uninstall:
+ rm -fv $(DESTDIR)$(KEYRING_TARGET_DIR)/{$(KEYRING_FILE),$(KEYRING_REVOKED_FILE),$(KEYRING_TRUSTED_FILE)}
+ rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(KEYRING_TARGET_DIR)
+- rm -v $(DESTDIR)$(SCRIPT_TARGET_DIR)/$(WKD_SYNC_SCRIPT)
+- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SCRIPT_TARGET_DIR)
+- rm -v $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR)/{$(WKD_SYNC_SERVICE),$(WKD_SYNC_TIMER)}
+- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SYSTEMD_SYSTEM_UNIT_DIR)
+- rm -v $(DESTDIR)$(SYSTEMD_TIMER_DIR)/$(WKD_SYNC_TIMER)
+- rmdir -pv --ignore-fail-on-non-empty $(DESTDIR)$(SYSTEMD_TIMER_DIR)
+
+ .PHONY: all lint fmt check test clean install uninstall wkd wkd_inspect