--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: debrsign: a script to REMOTELY sign .changes and .dsc files
- From: Mike Goldman <whig@by.net>
- Date: Fri, 03 Sep 1999 06:45:20 +0000
- Message-id: <37CF6E80.589D161B@by.net>
Package: devscripts
Severity: wishlist
I think that this script may make a worthwhile addition to the
devscripts package. If one builds a package on one system, but needs to
sign the .changes on another for security reasons, this makes the
process a lot easier.
#! /bin/bash
# This program is used to REMOTELY sign a PGP .dsc and .changes file
# pair in the form needed for a legal Debian upload. It is based on
# dpkg-buildpackage and signchanges, part of the devscripts package.
#
# In order for this program to work, signchanges must be installed
# on the REMOTE machine which will be used to sign your package.
# You should run this program from within the package directory on
# the build machine.
#
# Usage: debrsign [user@]remotehost
# You may also provide the following options, which will be passed
# on to signchanges:
# -k<key> The PGP/GPG key ID to use
# -p<type> <type> is either pgp or gpg to specify which to use
# -spgp,-sgpg The program takes arguments like pgp or gpg respectively
# Debian GNU/Linux debrsign. Copyright (C) 1999 Mike Goldman
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# Abort if anything goes wrong
set -e
mustsetvar () {
if [ "x$2" = x ]; then
echo >&2 "$progname: unable to determine $3" ; \
exit 1
else
echo "$progname: $3 is $2" ; \
eval "$1=\"\$2\""
fi
}
# --- main script
# For security:
PATH=/usr/local/bin:/usr/bin:/bin
unset IFS
mustsetvar package "`dpkg-parsechangelog | sed -n 's/^Source: //p'`" "source package"
mustsetvar version "`dpkg-parsechangelog | sed -n 's/^Version: //p'`" "source version"
mustsetvar arch "`dpkg --print-architecture`" "build architecture"
sversion=`echo "$version" | perl -pe 's/^\d+://'`
pv="${package}_${sversion}"
pva="${package}_${sversion}${arch:+_${arch}}"
dsc="$pv.dsc"
chg="$pva.changes"
if [ ! -f ../"$chg" -o ! -r ../"$chg" ]
then
echo $"Can't find or can't read changes file ../$chg!" >&2
exit 1
fi
signargs=
while [ $# != 0 ]
do
value="`echo x\"$1\" | sed -e 's/^x-.//'`"
case "$1" in
-spgp) signargs="$signargs -spgp" ;;
-sgpg) signargs="$signargs -sgpg" ;;
-p*) signargs="$signargs -p$value" ;;
-k*) signargs="$signargs -k$value" ;;
*) remotehost=$1 ;;
esac
shift
done
if [ "x$remotehost" == "x" ]
then
echo $"No [user@]remotehost specified!" >&2
exit 1
fi
# Is there a dsc file listed in the changes file?
if grep -q "$dsc" ../"$chg"
then
scp ../"$chg" ../"$dsc" $remotehost:~
ssh $remotehost signchanges $signargs $chg
scp $remotehost:~/$chg ..
scp $remotehost:~/$dsc ..
else
scp ../"$chg" $remotehost:~
ssh $remotehost signchanges $signargs $chg
scp $remotehost:~/$chg ..
fi
echo $"Successfully signed changes file"
exit 0
--- End Message ---