Skip to content

Commit 9192bf7

Browse files
nursenurse
committed
Drop GPG signing
1 parent a8d6a76 commit 9192bf7

File tree

1 file changed

+1
-51
lines changed

1 file changed

+1
-51
lines changed

contrib/debian-packages/generate_ossec.sh

+1-51
Original file line numberDiff line numberDiff line change
@@ -36,10 +36,6 @@ codenames_debian=(sid jessie wheezy)
3636
# architectures=(amd64 i386) only options available
3737
architectures=(arm64)
3838

39-
# GPG key
40-
signing_key='7A1B7C76'
41-
signing_pass=`cat /root/.gnupg/passphrase`
42-
4339
# Debian files
4440
debian_files_path="/home/ubuntu/debian_files"
4541

@@ -347,36 +343,7 @@ do
347343
echo " + Package ${results_dir}/${deb_file} ${codename}-${arch} contains ${files} files" | write_log
348344
fi
349345

350-
# Signing Debian package
351-
if [ ! -f "${results_dir}/${changes_file}" ] || [ ! -f "${results_dir}/${dsc_file}" ] ; then
352-
echo "Error: Could not find dsc and changes file in ${results_dir}" | write_log
353-
exit 1
354-
fi
355-
sudo /usr/bin/expect -c "
356-
spawn sudo debsign --re-sign -k${signing_key} ${results_dir}/${changes_file}
357-
expect -re \".*Enter passphrase:.*\"
358-
send \"${signing_pass}\r\"
359-
expect -re \".*Enter passphrase:.*\"
360-
send \"${signing_pass}\r\"
361-
expect -re \".*Successfully signed dsc and changes files.*\" exit 0
362-
exit 1
363-
"
364-
if [ $? -eq 0 ] ; then
365-
echo " + Successfully signed Debian package ${changes_file} ${codename}-${arch}" | write_log
366-
else
367-
echo "Error: Could not sign Debian package ${changes_file} ${codename}-${arch}" | write_log
368-
exit 1
369-
fi
370-
371-
# Verifying signed changes and dsc files
372-
if sudo gpg --verify "${results_dir}/${dsc_file}" && sudo gpg --verify "${results_dir}/${changes_file}" ; then
373-
echo " + Successfully verified GPG signature for files ${dsc_file} and ${changes_file}" | write_log
374-
else
375-
echo "Error: Could not verify GPG signature for ${dsc_file} and ${changes_file}" | write_log
376-
exit 1
377-
fi
378-
379-
echo "Successfully built and signed Debian package ${package} ${codename}-${arch}" | write_log
346+
echo "Successfully built Debian package ${package} ${codename}-${arch}" | write_log
380347

381348
done
382349
done
@@ -438,23 +405,6 @@ do
438405
include_package="cd /var/www/repos/apt/debian; reprepro includedeb ${codename} /opt/incoming/${deb_file}"
439406
fi
440407

441-
/usr/bin/expect -c "
442-
spawn sudo ssh root@ossec-repository \"${remove_package}\"
443-
expect -re \"Not removed as not found.*\" { exit 1 }
444-
expect -re \".*enter passphrase:.*\" { send \"${signing_pass}\r\" }
445-
expect -re \".*enter passphrase:.*\" { send \"${signing_pass}\r\" }
446-
expect -re \".*deleting.*\"
447-
"
448-
449-
/usr/bin/expect -c "
450-
spawn sudo ssh root@ossec-repository \"${include_package}\"
451-
expect -re \"Skipping inclusion.*\" { exit 1 }
452-
expect -re \".*enter passphrase:.*\"
453-
send \"${signing_pass}\r\"
454-
expect -re \".*enter passphrase:.*\"
455-
send \"${signing_pass}\r\"
456-
expect -re \".*Exporting.*\"
457-
"
458408
echo "Successfully added package ${deb_file} to server repository for ${codename} distribution" | write_log
459409
done
460410
done

0 commit comments

Comments
 (0)