[elbe-devel] [PATCH] Fix bin-cdrom.iso signature validation in initvm-create
Olivier Dion
dion at linutronix.de
Thu Jul 16 16:39:25 CEST 2020
On Thu, 16 Jul 2020, Olivier Dion <dion at linutronix.de> wrote:
> The public signature of the cdrom is exported in repomanager.py using the
> export_key() call, to the bin-cdrom.iso.
>
> This public key is then extracted in init.py and added to the list of
> raw keys to generate elbe-keyring.gpg that is used by the installer.
>
> Signed-off-by: Olivier Dion <dion at linutronix.de>
> ---
> elbepack/commands/init.py | 44 ++++++++++++++++++++-------------------
> elbepack/egpg.py | 1 -
> elbepack/repomanager.py | 4 +---
> 3 files changed, 24 insertions(+), 25 deletions(-)
>
> diff --git a/elbepack/commands/init.py b/elbepack/commands/init.py
> index 834cdfd7..e902354b 100644
> --- a/elbepack/commands/init.py
> +++ b/elbepack/commands/init.py
> @@ -22,7 +22,7 @@ from elbepack.version import elbe_version
> from elbepack.templates import write_template, get_initvm_preseed
> from elbepack.directories import init_template_dir, elbe_dir
> from elbepack.config import cfg
> -from elbepack.shellhelper import command_out, system, do
> +from elbepack.shellhelper import command_out, system, do, system_out
> from elbepack.log import elbe_logging
> from elbepack.filesystem import Filesystem
>
> @@ -225,32 +225,34 @@ def run_command(argv):
> shutil.copyfile(args[0],
> os.path.join(out_path, "source.xml"))
>
> +
> + keys = []
> + for key in xml.all(".//initvm/mirror/url-list/url/raw-key"):
> + keys.append(key.et.text)
> +
> if opt.cdrom:
> - system('7z x -o%s "%s" elbe-keyring.gpg' % (out_path, opt.cdrom))
> - else:
> - keys = []
> - for key in xml.all(".//initvm/mirror/url-list/url/raw-key"):
> - keys.append(key.et.text)
> + cmd = '7z x -so "%s" repo.pub'
Forgot % opt.cdrom here. V2 is coming.
--
Olivier Dion
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
More information about the elbe-devel
mailing list