prepare spec for sb update

This commit is contained in:
Louis Abel 2024-04-03 10:14:20 -07:00
parent 8991b61c76
commit c6723ce681
Signed by: label
GPG Key ID: 2A6975660E424560
3 changed files with 64 additions and 46 deletions

Binary file not shown.

Binary file not shown.

View File

@ -21,7 +21,7 @@
%define distro_code Blue Onyx
%define major 9
%define minor 4
%define rocky_rel 1%{?rllh:.%{rllh}}%{!?rllh:.1}
%define rocky_rel 1%{?rllh:.%{rllh}}%{!?rllh:.2}
%define rpm_license BSD-3-Clause
%define dist .el%{major}
%define home_url https://rockylinux.org/
@ -152,32 +152,40 @@ Source1203: rocky-devel.repo
Source1300: rocky.1.gz
# rocky secureboot certs placeholder (1400-1499)
Source1400: rockydup1.x509
Source1401: rockykpatch1.x509
Source1402: rocky-root-ca.der
#
Source1403: rocky-fwupd.cer
Source1404: rocky-grub2.cer
Source1405: rocky-kernel.cer
Source1406: rocky-shim.cer
Source1407: rocky-uki-virt.cer
Source1408: rocky-fwupd-aarch64.cer
Source1409: rocky-grub2-aarch64.cer
Source1410: rocky-kernel-aarch64.cer
Source1411: rocky-shim-aarch64.cer
Source1412: rocky-uki-virt-aarch64.cer
# all certs in DER format
Source1433: rocky-fwupd.der
Source1434: rocky-grub2.der
Source1435: rocky-kernel.der
Source1436: rocky-shim.der
Source1437: rocky-uki-virt.der
Source1438: rocky-fwupd-aarch64.der
Source1439: rocky-grub2-aarch64.der
Source1440: rocky-kernel-aarch64.der
Source1441: rocky-shim-aarch64.der
Source1442: rocky-uki-virt-aarch64.der
# 1400 is the root
# 1401-1420 are dedicated to the kernel
# 1421-1440 is dedicated to x86_64
# 1441-1460 is dedicated to aarch64
Source1400: rocky-root-ca.der
Source1401: rockydup1.x509
Source1402: rockykpatch1.x509
Source1403: rockydup1-aarch64.x509
Source1404: rockykpatch1-aarch64.x509
# x86_64
Source1421: rocky-fwupd.cer
Source1422: rocky-grub2.cer
Source1423: rocky-kernel.cer
Source1424: rocky-shim.cer
Source1425: rocky-uki-virt.cer
# x86_64 in der
Source1426: rocky-fwupd.der
Source1427: rocky-grub2.der
Source1428: rocky-kernel.der
Source1429: rocky-shim.der
Source1430: rocky-uki-virt.der
# aarch64
Source1441: rocky-fwupd-aarch64.cer
Source1442: rocky-grub2-aarch64.cer
Source1443: rocky-kernel-aarch64.cer
Source1444: rocky-shim-aarch64.cer
Source1445: rocky-uki-virt-aarch64.cer
# aarch64 in der
Source1446: rocky-fwupd-aarch64.der
Source1447: rocky-grub2-aarch64.der
Source1448: rocky-kernel-aarch64.der
Source1449: rocky-shim-aarch64.der
Source1450: rocky-uki-virt-aarch64.der
%description
%{distro_name} release files.
@ -324,32 +332,39 @@ install -d -m 0755 %{buildroot}%{_sysconfdir}/pki/sb-certs/
install -d -m 0755 %{buildroot}%{_datadir}/pki/sb-certs/
# Backported certs for now
## all cer
## root and kernel
install -m 0644 %{SOURCE1400} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1401} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1402} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1403} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1404} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1405} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1406} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1407} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1408} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1409} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1410} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1411} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1412} %{buildroot}%{_datadir}/pki/sb-certs/
## all der
install -m 0644 %{SOURCE1433} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1434} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1435} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1436} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1437} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1438} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1439} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1440} %{buildroot}%{_datadir}/pki/sb-certs/
## x86_64
# cer
install -m 0644 %{SOURCE1421} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1422} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1423} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1424} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1425} %{buildroot}%{_datadir}/pki/sb-certs/
# der
install -m 0644 %{SOURCE1426} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1427} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1428} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1429} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1430} %{buildroot}%{_datadir}/pki/sb-certs/
## aarch64
# cer
install -m 0644 %{SOURCE1441} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1442} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1443} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1444} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1445} %{buildroot}%{_datadir}/pki/sb-certs/
# der
install -m 0644 %{SOURCE1446} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1447} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1448} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1449} %{buildroot}%{_datadir}/pki/sb-certs/
install -m 0644 %{SOURCE1450} %{buildroot}%{_datadir}/pki/sb-certs/
# Placeholders
# x86_64
ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer
@ -480,6 +495,9 @@ install -m 0644 %{SOURCE404} %{buildroot}/%{_prefix}/lib/sysctl.d/50-redhat.conf
%{_datadir}/pki/sb-certs/*
%changelog
* Wed Apr 03 2024 Louis Abel <label@rockylinux.org> - 9.4-1.2
- Update SB certs
* Wed Mar 27 2024 Louis Abel <label@rockylinux.org> - 9.4-1.1
- Preparation for 9.4