- sign pkgs using external rpm binary

Changed files:
    bin/pfa-signpkg -> 1.3

diff --git a/bin/pfa-signpkg b/bin/pfa-signpkg
index 3541c897bfc8dc837ad2b15388a1476761bb6265..da66759f2dc2fb4cd48f3b886f8a2185a26788b5 100644 (file)
--- a/bin/pfa-signpkg
+++ b/bin/pfa-signpkg
@@ -8,6 +8,7 @@ from common import checkdir
 import ftpio
 from config import sign_key
 import rpm
+import subprocess
 
 if len(sys.argv) < 3:
     print >>sys.stderr, "ERR: not enough parameters given"
@@ -54,13 +55,24 @@ def is_signed(rpm_file, key):
 
     return key == sigid[-len(key):]
 
+def signpkgs(files):
+    if not os.path.isfile('/usr/bin/gpg'):
+        raise OSError, 'Missing gnupg binary'
+    if not os.path.isfile('/bin/rpm'):
+        raise OSError, 'Missing rpm binary'
+
+    cmd = ['/bin/rpm', '--resign']
+    cmd += files
+    rc = subprocess.call(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE, stderr = subprocess.PIPE, close_fds = True)
+    if rc != 0:
+        print >>sys.stderr, "package signing failed"
+        sys.exit(rc)
+
 try:
     tree = ftptree.FtpTree(sys.argv[1]) #, loadall=True)
     tree.mark4moving(sys.argv[2:])
     files = tree.rpmfiles()
 
-    from pprint import pprint
-
     print "Checking signatures of %d files from %d packages" % (len(files), len(tree.loadedpkgs))
     sign = []
     for file in files:
@@ -69,6 +81,7 @@ try:
 
     if len(sign) > 0:
         print "Signing %d packages" % len(sign)
+        signpkgs(sign)
     else:
         print "No packages to sign"