[Fai-commit] r5592 - in trunk: debian doc lib

Thomas Lange lange at alioth.debian.org
Fri Oct 23 13:22:55 UTC 2009


Author: lange
Date: 2009-10-23 13:22:55 +0000 (Fri, 23 Oct 2009)
New Revision: 5592

Modified:
   trunk/debian/NEWS
   trunk/debian/changelog
   trunk/doc/fai-guide.txt
   trunk/lib/subroutines
Log:
  add APT keys from package_config/*.asc files (closes: #363701,#504018)

Modified: trunk/debian/NEWS
===================================================================
--- trunk/debian/NEWS	2009-10-22 21:18:24 UTC (rev 5591)
+++ trunk/debian/NEWS	2009-10-23 13:22:55 UTC (rev 5592)
@@ -2,11 +2,12 @@
 
   - variable FAI_CONFIGDIR moved from fai.conf to make-fai-nfsroot.conf
   - automatic tests are now supported
+  - dirinstall now uses FAI_CONFIG_SRC instead of FAI_CONFIGDIR
+  - files named package_config/*.asc are added to the list of apt keys
   - cvs, bootpc, expect and mdetect are not installed by default into the
     nfsroot
-  - dirinstall now uses FAI_CONFIG_SRC instead of FAI_CONFIGDIR
   
- -- Thomas Lange <lange at debian.org>  Tue, 20 Oct 2009 12:33:43 +0200
+ -- Thomas Lange <lange at debian.org>  Fri, 23 Oct 2009 14:07:07 +0200
 
 fai (3.2.8) unstable; urgency=low
 

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2009-10-22 21:18:24 UTC (rev 5591)
+++ trunk/debian/changelog	2009-10-23 13:22:55 UTC (rev 5592)
@@ -1,4 +1,4 @@
-fai (3.2.23~beta26) unstable; urgency=low
+fai (3.2.23~beta27) unstable; urgency=low
 
   [ Thomas Lange ]
   * NEWS: add hint about missing packages in nfsroot, changes in
@@ -18,6 +18,7 @@
     if two softupdates are running, print the name of the lock file
     set trap for softupdate after checking if second instance is running
     check if test.log exists before using grep
+    add APT keys from package_config/*.asc files (closes: #363701,#504018)
   * fai-class: add string warning to message
   * task_sysinfo: call blkid on all disks
   * fcopy: add die() after open command
@@ -148,7 +149,7 @@
   [ Holger Levsen ]
   * update to standards version 3.8.2, no changes needed
  
- -- Thomas Lange <lange at debian.org>  Thu, 22 Oct 2009 17:00:03 +0200
+ -- Thomas Lange <lange at debian.org>  Fri, 23 Oct 2009 13:59:50 +0200
 
 fai (3.2.20) unstable; urgency=low
 

Modified: trunk/doc/fai-guide.txt
===================================================================
--- trunk/doc/fai-guide.txt	2009-10-22 21:18:24 UTC (rev 5591)
+++ trunk/doc/fai-guide.txt	2009-10-23 13:22:55 UTC (rev 5592)
@@ -5,7 +5,7 @@
 FAI Guide (Fully Automatic Installation)
 ========================================
 Thomas Lange <lange at informatik.uni-koeln.de>
-1.1, Thu, 22 Oct 2009 22:21:56 +0200
+1.1, Thu, Fri, 23 Oct 2009 14:25:10 +0200
 
 
 :faiver:  3.3
@@ -1210,9 +1210,9 @@
 that is used by `debconf-set-selections(8)`.
 
 _package_config/_::
-File with
-lists of software
-packages to be installed or removed.
+Files with class names contain lists of software packages to be
+installed or removed. Files named '*.asc' are added to the key list of
+apt. 
 
 _scripts/_::
 Script for local site
@@ -1637,6 +1637,10 @@
 `fai-chboot(8)`. If you can't use this command, define it in the
 script 'LAST.var'.
 
+FAI_ALLOW_UNSIGNED::
+If set to 1, FAI allows the installation of packages from unsigned
+repositories.
+
 CONSOLEFONT::
 Is the font which is loaded during installation by `consolechars(8)`.
 
@@ -1868,6 +1872,18 @@
 and don't list them otherwise
 ////
 
+
+Before installing packages, fai will add the content of all files
+named _package_config/*.asc_ to the list of apt keys. If your local
+repository is signed by your keyid AB12CD34 you can easily add this key,
+so fai will use it during installation. Use this command for creating
+the '.asc' file:
+
+----
+faiserver$ gpg -a --export AB12CD34 > /srv/fai/config/package_config/myrepo.asc
+----
+
+
 The script `install_packages(8)` installs the selected software
 packages. It uses all configuration files in '$FAI/package_config'
 whose file name matches a defined class. The syntax is very simple.

Modified: trunk/lib/subroutines
===================================================================
--- trunk/lib/subroutines	2009-10-22 21:18:24 UTC (rev 5591)
+++ trunk/lib/subroutines	2009-10-23 13:22:55 UTC (rev 5592)
@@ -836,6 +836,14 @@
 Aptitude::CmdLine::Ignore-Trust-Violations yes;
 EOF
     fi
+
+    local keyfile
+    # add apt keys for signed repositories
+    for keyfile in `cd $FAI/package_config; ls *.asc`; do
+	echo -n "Loading APT key from $keyfile "
+	cat $FAI/package_config/$keyfile | $ROOTCMD apt-key add -
+    done
+
     # during normal installation, we need sources.list from /etc/apt
     [ $do_init_tasks -eq 1 ] && FAI_ETC_DIR=/etc
     [ -d $FAI_ETC_DIR/apt ] && cp -r $FAI_ETC_DIR/apt/* $FAI_ROOT/etc/apt/




More information about the Fai-commit mailing list