Use ARCHIVE_KEYRING parameter to not hardcode debian-archive-keyring and let derivatives use their own keyring package.

This commit is contained in:
Raphaël Hertzog 2013-04-12 08:43:07 +00:00
parent 81267447ee
commit ef1e317123
3 changed files with 19 additions and 4 deletions

View File

@ -185,6 +185,10 @@ export CONTRIB=1
# validate the mirror. # validate the mirror.
#export DEBOOTSTRAP_OPTS="--keyring /usr/share/keyrings/debian-archive-keyring.gpg" #export DEBOOTSTRAP_OPTS="--keyring /usr/share/keyrings/debian-archive-keyring.gpg"
# Indicate the package which contains the keyrings needed so that APT
# doesn't complain about unsigned package.
#export ARCHIVE_KEYRING="debian-archive-keyring"
# ISOLinux support for multiboot on CD1 for i386 # ISOLinux support for multiboot on CD1 for i386
export ISOLINUX=1 export ISOLINUX=1

View File

@ -37,6 +37,9 @@ endif
ifndef HOOK ifndef HOOK
HOOK=$(BASEDIR)/tools/$(CODENAME).hook HOOK=$(BASEDIR)/tools/$(CODENAME).hook
endif endif
ifndef ARCHIVE_KEYRING
ARCHIVE_KEYRING=debian-archive-keyring
endif
export BUILD_DATE=$(shell date -u +%Y%m%d-%H:%M) export BUILD_DATE=$(shell date -u +%Y%m%d-%H:%M)
export ARCHES_NOSRC=$(shell echo $(ARCHES) | sed 's/source//') export ARCHES_NOSRC=$(shell echo $(ARCHES) | sed 's/source//')
@ -227,12 +230,12 @@ $(ADIR)/status:
:> $(ADIR)/status :> $(ADIR)/status
# Set up keyring so apt doesn't complain # Set up keyring so apt doesn't complain
@echo "Setting up debian-archive-keyring" @echo "Setting up archive-keyring"
$(Q)mkdir -p $(TDIR)/debian-archive-keyring $(Q)mkdir -p $(TDIR)/archive-keyring
$(Q)dpkg -x $(MIRROR)/$(shell $(which_deb) $(MIRROR) $(CODENAME) debian-archive-keyring) $(TDIR)/debian-archive-keyring $(Q)dpkg -x $(MIRROR)/$(shell $(which_deb) $(MIRROR) $(CODENAME) $(ARCHIVE_KEYRING)) $(TDIR)/archive-keyring
$(Q)for ARCH in $(ARCHES); do \ $(Q)for ARCH in $(ARCHES); do \
mkdir -p $(ADIR)/$(CODENAME)-$$ARCH/apt/trusted.gpg.d; \ mkdir -p $(ADIR)/$(CODENAME)-$$ARCH/apt/trusted.gpg.d; \
ln -s $(TDIR)/debian-archive-keyring/usr/share/keyrings/* $(ADIR)/$(CODENAME)-$$ARCH/apt/trusted.gpg.d; \ ln -s $(TDIR)/archive-keyring/usr/share/keyrings/* $(ADIR)/$(CODENAME)-$$ARCH/apt/trusted.gpg.d; \
done done
# Updating the apt database # Updating the apt database

8
debian/changelog vendored
View File

@ -1,3 +1,11 @@
debian-cd (3.1.13) UNRELEASED; urgency=low
[ Robert Spencer ]
* Use ARCHIVE_KEYRING parameter to not hardcode debian-archive-keyring
and let derivatives use their own keyring package.
-- Raphaël Hertzog <hertzog@debian.org> Fri, 12 Apr 2013 10:32:56 +0200
debian-cd (3.1.12) unstable; urgency=low debian-cd (3.1.12) unstable; urgency=low
[ Steve McIntyre ] [ Steve McIntyre ]