Marian Marinov wrote:
You should also check this:
I am not really trilled by entering blank passwords.
Anyhow, I have developed nice script for automatic signing of (--addsign = only unsigned, --resign = all) rpm's.
Features: 1) It supports subdirectories of unlimited? depth. 2) Password is only asked once. 3) Timestamps are preserved. 4) Script outputs check of rpm's together with active GPG Key ID and time of signing. Useful for final check and logging.
I hope this script will find good use for rpm packagers.
I named the script "rpm-autosign".
NOTICE: I forgot to filter only files so I had to change code. Improved is:
Code:
#!/bin/bash
# Author Ljubomir Ljubojevic <office at plnet dot rs>
for i in $(find . -type f | grep .rpm); do touch -r "$i" "$i.zzz" done
#rpmsign --resign `find . | grep .rpm | grep -v .zzz` rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`
for i in $(find . -type f | grep .rpm | grep -v .zzz); do touch -r "$i.zzz" "$i" done
for i in $(find . -type f | grep .zzz); do rm -f "$i" done
#rpmsign --checksig `find . | grep .rpm`
rpm -qp `find . -type f | grep .rpm` --qf='%-{NAME} %{BUILDHOST} %{PACKAGER} %{SIGGPG:pgpsig} \n' Notice that last line is broken in two by mail client.
Ljubomir
Ljubomir Ljubojevic wrote:
for i in $(find . -type f | grep .rpm); do
rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`
just a small comment, grep uses regexps so this doesn't do what you want (eg the . is a wildcard char). Your script can break, silently (won't sign rpms whose name contains "any char followed by zzz") or not (will attempt to rpmsign eg myrpms.pl), with some particular file names.
what you really want is files ending with .rpm, so: grep '.rpm$'
On Sat, May 21, 2011 at 09:30:06AM +0200, Nicolas Thierry-Mieg wrote:
Ljubomir Ljubojevic wrote:
for i in $(find . -type f | grep .rpm); do
rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`
just a small comment, grep uses regexps so this doesn't do what you want (eg the . is a wildcard char). Your script can break, silently (won't sign rpms whose name contains "any char followed by zzz") or not (will attempt to rpmsign eg myrpms.pl), with some particular file names.
what you really want is files ending with .rpm, so: grep '.rpm$'
Why are people passing this off to grep?
rpmsign --addsign $(find . -type f -name *.rpm ! -name *.zzz)
To be fair I've not read this entire thread so I may be missing something here.
John
On 05/21/11 12:43 AM, John R. Dennison wrote:
find . -type f -name *.rpm ! -name *.zzz
that won't work right anyways. the first -name says match just .rpm files. none of those will be .zzz so the 2nd expression won't ever get hit (all .rpm files are not .zzz files).
On Sat, May 21, 2011 at 12:50:10AM -0700, John R Pierce wrote:
that won't work right anyways. the first -name says match just .rpm files. none of those will be .zzz so the 2nd expression won't ever get hit (all .rpm files are not .zzz files).
That's what I get for posting at this hour of the morning :(
But even so, I still see little point in going through grep step when find has the ability internally.
John
John R. Dennison wrote:
On Sat, May 21, 2011 at 12:50:10AM -0700, John R Pierce wrote:
that won't work right anyways. the first -name says match just .rpm files. none of those will be .zzz so the 2nd expression won't ever get hit (all .rpm files are not .zzz files).
That's what I get for posting at this hour of the morning :(
But even so, I still see little point in going through grep step when find has the ability internally.
Please post on OT, I messed up with this post, did not use reply.
Ljubomir
John R. Dennison wrote:
On Sat, May 21, 2011 at 09:30:06AM +0200, Nicolas Thierry-Mieg wrote:
Ljubomir Ljubojevic wrote:
for i in $(find . -type f | grep .rpm); do
rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`
just a small comment, grep uses regexps so this doesn't do what you want (eg the . is a wildcard char). Your script can break, silently (won't sign rpms whose name contains "any char followed by zzz") or not (will attempt to rpmsign eg myrpms.pl), with some particular file names.
what you really want is files ending with .rpm, so: grep '.rpm$'
Why are people passing this off to grep?
rpmsign --addsign $(find . -type f -name *.rpm ! -name *.zzz)
agreed, using find alone is "another way to do it", although as stated by John Pierce the second -name is useless here. I was pointing out a flaw in the code and offering a correction using "the same way to do it".
Nicolas Thierry-Mieg wrote:
John R. Dennison wrote:
On Sat, May 21, 2011 at 09:30:06AM +0200, Nicolas Thierry-Mieg wrote:
Ljubomir Ljubojevic wrote:
for i in $(find . -type f | grep .rpm); do rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`
just a small comment, grep uses regexps so this doesn't do what you want (eg the . is a wildcard char). Your script can break, silently (won't sign rpms whose name contains "any char followed by zzz") or not (will attempt to rpmsign eg myrpms.pl), with some particular file names.
what you really want is files ending with .rpm, so: grep '.rpm$'
Why are people passing this off to grep?
rpmsign --addsign $(find . -type f -name *.rpm ! -name *.zzz)
agreed, using find alone is "another way to do it", although as stated by John Pierce the second -name is useless here. I was pointing out a flaw in the code and offering a correction using "the same way to do it".
I did some checking, yes find . -type f -name *.rpm does what I need it to do. Original command from KB's blog just used something like "find . -type f -name *.rpm" , without "" before *.rpm so I used grep to correct. I was not aware of benefit of "", finding examples for command "find" is little harder to google since it is VERY common word in general. Thanks for pointing this out.
Using *.rpm eliminates need for anything that contains ".zzz"
OK,
Part of e-mail from OT:
Anyhow, I have developed nice script for automatic signing of (--addsign = only unsigned, --resign = all) rpm's.
Features: 1) It supports subdirectories of unlimited? depth. 2) Password is only asked once. 3) Timestamps are preserved. 4) Script outputs check of rpm's together with active GPG Key ID and time of signing. Useful for final check and logging.
I hope this script will find good use for rpm packagers.
I named the script "rpm-autosign".
And the code is:
#!/bin/bash # Author Ljubomir Ljubojevic <office at plnet dot rs> for i in $(find . -type f -name *.rpm); do touch -r "$i" "$i.zzz" done rpmsign --addsign `find . -type f -name *.rpm` for i in $(find . -type f -name *.rpm); do touch -r "$i.zzz" "$i" done for i in $(find . -type f -name *.zzz); do rm -f "$i" done #rpmsign --checksig `find . -name *.rpm` rpm -qp `find . -type f -name *.rpm` --qf='%-{NAME} %{BUILDHOST} %{PACKAGER} %{SIGGPG:pgpsig} \n'
Notice that last line is broken in two by mail client.
Ljubomir
On Sat, May 21, 2011 at 10:13:52AM +0200, Nicolas Thierry-Mieg wrote:
agreed, using find alone is "another way to do it", although as stated by John Pierce the second -name is useless here. I was pointing out a flaw in the code and offering a correction using "the same way to do it".
Oh, indeed. My find construct was flawed from converting from the previous example at 0darkhundred and not paying proper attention after a far too long work week. Sorry for any confusion my post caused.
John
-
John R Pierce -
John R. Dennison -
Ljubomir Ljubojevic -
Nicolas Thierry-Mieg