summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/opkg
diff options
context:
space:
mode:
authorPaul Barker <paul@paulbarker.me.uk>2014-12-21 13:26:27 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-02-03 14:53:56 +0000
commitd8f0011c23a6b8441323974acc70b08c81cfefbd (patch)
tree9c663cbe87423fb35a10f71af3487abbe90c270c /meta/recipes-devtools/opkg
parent9d3e44df2958976fdcaf92a9cfa911f68870194b (diff)
downloadast2050-yocto-poky-d8f0011c23a6b8441323974acc70b08c81cfefbd.zip
ast2050-yocto-poky-d8f0011c23a6b8441323974acc70b08c81cfefbd.tar.gz
opkg-keyrings: New recipe
This recipe wraps package and package feed verification keys into a package, making the management and deployment of verification keys much easier. Comments on how to select keys for inclusion in this package are provided in the recipe file. (From OE-Core rev: 2104111edc85d057eb4fadecd007f5c592803da6) Signed-off-by: Paul Barker <paul@paulbarker.me.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/opkg')
-rw-r--r--meta/recipes-devtools/opkg/opkg-keyrings_1.0.bb48
1 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-devtools/opkg/opkg-keyrings_1.0.bb b/meta/recipes-devtools/opkg/opkg-keyrings_1.0.bb
new file mode 100644
index 0000000..18d6abd
--- /dev/null
+++ b/meta/recipes-devtools/opkg/opkg-keyrings_1.0.bb
@@ -0,0 +1,48 @@
+SUMMARY = "Keyrings for verifying opkg packages and feeds"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+# Distro-specific keys can be added to this package in two ways:
+#
+# 1) In a .bbappend, add .gpg and/or .asc files to SRC_URI and install them to
+# ${D}${datadir}/opkg/keyrings/ in a do_install_append function. These
+# files should not be named 'key-$name.gpg' to ensure they don't conflict
+# with keys exported as per (2).
+#
+# 2) In a .bbappend, distro config or local.conf, override the variable
+# OPKG_KEYRING_KEYS to contain a space-separated list of key names. For
+# each name, 'gpg --export $name' will be ran to export the public key to a
+# file named 'key-$name.gpg'. The public key must therefore be in the gpg
+# keyrings on the build machine.
+
+OPKG_KEYRING_KEYS ?= ""
+
+do_compile() {
+ for name in ${OPKG_KEYRING_KEYS}; do
+ gpg --export ${name} > ${B}/key-${name}.gpg
+ done
+}
+
+do_install () {
+ install -d ${D}${datadir}/opkg/keyrings/
+ for name in ${OPKG_KEYRING_KEYS}; do
+ install -m 0644 ${B}/key-${name}.gpg ${D}${datadir}/opkg/keyrings/
+ done
+}
+
+FILES_${PN} = "${datadir}/opkg/keyrings"
+
+# We need 'opkg-key' to run the postinst script
+RDEPENDS_${PN} = "opkg"
+
+pkg_postinst_${PN} () {
+#! /bin/sh
+set -e
+
+if [ x"$D" = "x" ]; then
+ # On target
+ opkg-key populate
+else
+ exit 1
+fi
+}
OpenPOWER on IntegriCloud