[Pkg-gnupg-commit] [gnupg2] 02/08: Introduce gpgv-static package (Closes: #806940)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Nov 10 18:16:10 UTC 2016 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 7aac1e58c38970bc0400b97ba89af17821407016
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Tue Nov 8 19:44:10 2016 -0600

    Introduce gpgv-static package (Closes: #806940)
---
 debian/clean                         |  1 +
 debian/control                       | 24 ++++++++++++++++++++++++
 debian/gpgv-static.1                 | 32 ++++++++++++++++++++++++++++++++
 debian/gpgv-static.install           |  1 +
 debian/gpgv-static.lintian-overrides |  3 +++
 debian/gpgv-static.manpages          |  1 +
 debian/rules                         |  4 ++++
 7 files changed, 66 insertions(+)

diff --git a/debian/clean b/debian/clean
index 1f44e57..fd4440a 100644
--- a/debian/clean
+++ b/debian/clean
@@ -1,4 +1,5 @@
 po/*.gmo
 po/stamp-po
+build-gpgv-static/
 build-gpgv-udeb/
 build-gpgv-win32/
diff --git a/debian/control b/debian/control
index 1502e42..5484ab0 100644
--- a/debian/control
+++ b/debian/control
@@ -252,6 +252,30 @@ Description: minimal signature verification tool
  This is GnuPG's signature verification tool, gpgv, packaged in minimal
  form for use in debian-installer.
 
+Package: gpgv-static
+Priority: extra
+Architecture: any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Recommends:
+ debian-archive-keyring,
+ debootstrap,
+Description: minimal signature verification tool (static build)
+ GnuPG is GNU's tool for secure communication and data storage.
+ It can be used to encrypt data and to create digital signatures.
+ It includes an advanced key management facility and is compliant
+ with the proposed OpenPGP Internet standard as described in RFC 4880.
+ .
+ This is GnuPG's signature verification tool, gpgv, built statically
+ so that it can be directly used on any platform that is running on
+ the Linux kernel.  Android and ChromeOS are two well known examples,
+ but there are many other platforms that this will work for, like
+ embedded Linux OSes.  This gpgv in combination with debootstrap and
+ the Debian archive keyring allows the secure creation of chroot
+ installs on these platforms by using the full Debian signature
+ verification that is present in all official Debian mirrors.
+
 Package: gpgv-win32
 Architecture: all
 Priority: extra
diff --git a/debian/gpgv-static.1 b/debian/gpgv-static.1
new file mode 100644
index 0000000..c8dcc1a
--- /dev/null
+++ b/debian/gpgv-static.1
@@ -0,0 +1,32 @@
+.TH GPGV-STATIC "1" "November 2016" "GnuPG" "Gnu Privacy Guard 2.1"
+
+.SH NAME
+gpgv-static - Verify OpenPGP signatures (static build)
+
+.SH SYNOPSIS
+.B gpgv-static [\fIoptions\fP] \fIsigned_files\fP
+
+.SH DESCRIPTION
+\fBgpgv\fR is an OpenPGP signature verification tool.
+
+\fBgpgv-static\fR is \fBgpgv\fR built statically so that it can be
+directly used on any platform that is running on the Linux kernel,
+such as Android, ChromeOS, or many embedded Linux systems.
+
+This version of \fBgpgv\fR in combination with \fBdebootstrap\fR and
+the Debian archive keyring allows the secure creation of chroot
+installs on these platforms by using the full Debian signature
+verification that is present in all official Debian mirrors.
+
+You may wish to re-name the binary to plain \fBgpgv\fR when
+transferring it into such a platform to create a chroot.
+
+Please read the documentation for \fBgpgv\fR for more details.
+
+.SH SEE ALSO
+\fBgpg\fR(1)
+
+.SH AUTHOR
+This manual page was written by Daniel Kahn Gillmor
+<dkg at fifthhorseman.net> for the Debian project, but may be used by
+others under the same license as GnuPG itself.
diff --git a/debian/gpgv-static.install b/debian/gpgv-static.install
new file mode 100644
index 0000000..adb6deb
--- /dev/null
+++ b/debian/gpgv-static.install
@@ -0,0 +1 @@
+build-gpgv-static/g10/gpgv-static usr/bin/
diff --git a/debian/gpgv-static.lintian-overrides b/debian/gpgv-static.lintian-overrides
new file mode 100644
index 0000000..fa0b8df
--- /dev/null
+++ b/debian/gpgv-static.lintian-overrides
@@ -0,0 +1,3 @@
+# gpgv-static is deliberately built statically.  We cannot avoid
+# embedding zlib.
+gpgv-static: embedded-library usr/bin/gpgv-static: zlib
diff --git a/debian/gpgv-static.manpages b/debian/gpgv-static.manpages
new file mode 100644
index 0000000..e3f73aa
--- /dev/null
+++ b/debian/gpgv-static.manpages
@@ -0,0 +1 @@
+debian/gpgv-static.1
diff --git a/debian/rules b/debian/rules
index ad9d744..501bd3f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -32,6 +32,10 @@ override_dh_auto_configure:
 override_dh_auto_build-arch:
 	dh_auto_build --builddirectory=build-gpgv-udeb
 	dh_auto_build --builddirectory=build
+	cp -a build-gpgv-udeb build-gpgv-static
+	rm -f build-gpgv-static/g10/gpgv
+	cd build-gpgv-static/g10 && $(MAKE) LDFLAGS="$$LDFLAGS -pie -static" gpgv
+	mv build-gpgv-static/g10/gpgv build-gpgv-static/g10/gpgv-static
 
 override_dh_auto_build-indep:
 	mkdir -p build-gpgv-win32

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list