extras-buildsys/utils/pushscript Utils.py, 1.28, 1.29 Push.py, 1.60, 1.61 PushPackage.py, 1.4, 1.5
Michael Schwendt
mschwendt at fedoraproject.org
Sun Mar 22 10:01:18 UTC 2009
Author: mschwendt
Update of /cvs/fedora/extras-buildsys/utils/pushscript
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1299
Modified Files:
Utils.py Push.py PushPackage.py
Log Message:
Evaluate GPG --homedir arg in rpmsigncmds definitions when checking keys.
Index: Utils.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/Utils.py,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- Utils.py 8 Feb 2009 16:20:11 -0000 1.28
+++ Utils.py 22 Mar 2009 10:01:17 -0000 1.29
@@ -66,14 +66,13 @@
sys.exit(errno.EPERM)
-def sign_key_check(keyname):
- gpgpath = os.popen('rpm --eval %_gpg_path','r').read().rstrip()
- if (gpgpath != '%_gpg_path'):
- gpgpath = '--homedir %s'%gpgpath
+def sign_key_check(keyname,gpgpath=None):
+ if gpgpath:
+ homearg = '--homedir %s' % gpgpath
else:
- gpgpath = ''
+ homearg = ''
- gpg = os.popen("gpg %s --list-secret-keys --with-colons '%s'" % (gpgpath,keyname))
+ gpg = os.popen("gpg %s --list-secret-keys --with-colons '%s'" % (homearg,keyname))
gpgout = gpg.readlines()
seckeys = 0
for l in gpgout:
@@ -85,6 +84,33 @@
sys.exit(errno.EPERM)
+def sign_key_check_all(cfg):
+ # Check old single sign-key, if defined.
+ if hasattr(cfg,'signkeyname'):
+ gpgpath = os.popen('rpm --eval %_gpg_path','r').read().rstrip()
+ if (gpgpath == '%_gpg_path'):
+ gpgpath = None
+ sign_key_check(cfg.signkeyname,gpgpath)
+
+ # Check any sign-keys defined in new config dict.
+ if not hasattr(cfg,'rpmsigncmds'):
+ return
+ for d in cfg.alldists+['DEFAULT']:
+ if d not in cfg.rpmsigncmds.keys():
+ continue
+ _cmdargs = cfg.rpmsigncmds[d].split()
+ gpgpath = None
+ keyname = None
+ for i in range( len(_cmdargs) ):
+ _arg = _cmdargs[i]
+ if (_arg=='--homedir' and (i+1)<len(_cmdargs)):
+ gpgpath = _cmdargs[i+1]
+ if (_arg=='-u' or _arg=='--local-user') and ((i+1)<len(_cmdargs)):
+ keyname = _cmdargs[i+1]
+ if keyname:
+ sign_key_check(keyname,gpgpath)
+
+
def install_copy(src,dest,overwrite=False):
"""shutil.copy2 a file, but by default don't overwrite destination"""
if not overwrite and os.path.exists(dest):
Index: Push.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/Push.py,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- Push.py 22 Mar 2009 08:17:20 -0000 1.60
+++ Push.py 22 Mar 2009 10:01:17 -0000 1.61
@@ -416,6 +416,8 @@
os.umask(cfg.signersumask)
Utils.signer_gid_check(cfg.signersgid)
+ if cfg.opts.signkeycheck:
+ Utils.sign_key_check_all(cfg)
if '-c' in sys.argv[2:]:
sys.argv.remove('-c')
@@ -442,20 +444,6 @@
if not len(diststopush):
usage()
- if cfg.opts.signkeycheck:
- # Check old single sign-key, if defined.
- if hasattr(cfg,'signkeyname'):
- Utils.sign_key_check(cfg.signkeyname)
- # Check any sign-keys defined in new config dict.
- if hasattr(cfg,'rpmsigncmds'):
- for d in diststopush+['DEFAULT']:
- if d in cfg.rpmsigncmds.keys():
- _cmdargs = cfg.rpmsigncmds[d].split()
- for i in range( len(_cmdargs) ):
- _arg = _cmdargs[i]
- if (_arg=='-u' or _arg=='--local-user') and ((i+1)<len(_cmdargs)):
- Utils.sign_key_check(_cmdargs[i+1])
-
if not os.path.exists(cfg.rundir):
os.makedirs(cfg.rundir)
lockfile = os.path.join(cfg.rundir,'pushscript.lock')
Index: PushPackage.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/PushPackage.py,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- PushPackage.py 29 Sep 2008 15:54:07 -0000 1.4
+++ PushPackage.py 22 Mar 2009 10:01:18 -0000 1.5
@@ -49,10 +49,10 @@
if hasattr(cfg.opts,'pushtotesting') and cfg.opts.pushtotesting and argstable:
del cfg.opts.pushtotesting
+ os.umask(cfg.signersumask)
Utils.signer_gid_check(cfg.signersgid)
if cfg.opts.signkeycheck:
- Utils.sign_key_check(cfg.signkeyname)
- os.umask(cfg.signersumask)
+ Utils.sign_key_check_all(cfg)
if not os.path.exists(cfg.rundir):
os.makedirs(cfg.rundir)
More information about the fedora-extras-commits
mailing list