Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/archiso/mkarchiso
diff options
context:
space:
mode:
authornl6720 <nl6720@gmail.com>2022-10-12 13:12:29 +0300
committernl6720 <nl6720@gmail.com>2022-10-13 13:37:14 +0300
commit11971619a671c778b027ce823e1c1a7d9ad48482 (patch)
tree7e0d07d8543b9a19deb4f45b8c456de15faae9b6 /archiso/mkarchiso
parentf4f0a3a5ecbb13dd76e7fef09642e7f15808d347 (diff)
mkarchiso: do not sign .sig files
Make sure existing sig files are deleted before creating new ones and make sure to not sign any sig files. This allows retrying failed mkarchiso runs without ending up with files such as vmlinuz.ipxe.sig.ipxe.sig. Fixes #198
Diffstat (limited to 'archiso/mkarchiso')
-rwxr-xr-xarchiso/mkarchiso7
1 files changed, 4 insertions, 3 deletions
diff --git a/archiso/mkarchiso b/archiso/mkarchiso
index 2fbbf66..caeb21e 100755
--- a/archiso/mkarchiso
+++ b/archiso/mkarchiso
@@ -254,7 +254,7 @@ _mk_pgp_signature() {
local gpg_options=()
local airootfs_image_filename="${1}"
_msg_info "Signing rootfs image using GPG..."
-
+
rm -f -- "${airootfs_image_filename}.sig"
# Add gpg sender option if the value is provided
[[ -z "${gpg_sender}" ]] || gpg_options+=('--sender' "${gpg_sender}")
@@ -1054,7 +1054,7 @@ _cms_sign_artifact() {
fi
_msg_info "Signing ${artifact} image using openssl cms..."
-
+
rm -f -- "${artifact}.cms.sig"
openssl cms "${openssl_flags[@]}"
@@ -1073,7 +1073,8 @@ _sign_netboot_artifacts() {
_files_to_sign+=("${_dir}${_file}")
fi
done
- for _file in "${_files_to_sign[@]}" "${_dir}${arch}/vmlinuz-"* "${_dir}${arch}/initramfs-"*.img; do
+ for _file in "${_files_to_sign[@]}" "${_dir}${arch}/vmlinuz-"!(*.sig) "${_dir}${arch}/initramfs-"*.img; do
+ rm -f -- "${_file}".ipxe.sig
openssl cms \
-sign \
-binary \