Verified Commit 598d07be authored by Sherif Nagy's avatar Sherif Nagy
Browse files

Clearing out main branch

parent c8ddf3f2
patch {
file: "ROCKY/_supporting/0001-Adding-rocky-certs.patch"
}
patch {
file: "ROCKY/_supporting/0002-fixing-required-build-release-numbers.patch"
}
delete {
file: "SOURCES/redhatsecureboot501.cer"
}
delete {
file: "SOURCES/redhatsecurebootca5.cer"
}
add {
file: "ROCKY/_supporting/rocky-root-ca.der"
}
add {
file: "ROCKY/_supporting/rocky-signing.der"
}
replace {
file: "BOOTIA32.CSV"
with_file: "ROCKY/_supporting/BOOTIA32.CSV"
}
replace {
file: "BOOTAA64.CSV"
with_file: "ROCKY/_supporting/BOOTAA64.CSV"
}
replace {
file: "BOOTX64.CSV"
with_file: "ROCKY/_supporting/BOOTX64.CSV"
}
replace {
file: "shimia32.efi"
with_lookaside: "fb88b401a7d25253dec57ac0cfa9943ef72ccb86673552964959eb3c89146ded"
}
replace {
file: "shimaa64.efi"
with_lookaside: "2a4e2d160c8ec31c9ae6a34534aaf1df6d2744183a93e0469f3a9885ca1dc043"
}
replace {
file: "shimx64.efi"
with_lookaside: "b12d41a4180f7e3abb316175f077b8f5b99db21e94b6aec74f87c0655416fb01"
}
spec_change {
file {
name: "redhatsecureboot501.cer"
type: Source
delete: true
}
file {
name: "redhatsecurebootca5.cer"
type: Source
delete: true
}
append {
field: "Release"
value: ".1.rocky"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@rockylinux.org"
message: "Adding prod certs"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@rockylinux.org"
message: "Updating Rocky shim efi and CSV files"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@disroot.org"
message: "Updating Rocky testing certs and restructuring"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@disroot.org"
message: "Updating Rocky testing certs"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@disroot.org"
message: "Moving to PEM certs for Rocky"
}
changelog {
author_name: "Sherif Nagy"
author_email: "sherif@disroot.org"
message: "Remove Centos Certs and added Rocky certs"
}
}
From 06be5d7060de4f96ed6712489ff9d55feb0fdf5b Mon Sep 17 00:00:00 2001
From: Sherif Nagy <sherif@rockylinux.org>
Date: Thu, 20 May 2021 18:32:58 +0100
Subject: [PATCH] Adding rocky certs
---
SOURCES/shim.rpmmacros | 4 ++--
SPECS/shim.spec | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/SOURCES/shim.rpmmacros b/SOURCES/shim.rpmmacros
index f477f25..24990c0 100644
--- a/SOURCES/shim.rpmmacros
+++ b/SOURCES/shim.rpmmacros
@@ -1,7 +1,7 @@
%global debug_package %{nil}
%global __brp_mangle_shebangs_exclude_from_file %{expand:%{_builddir}/shim-%{efi_arch}-%{version}-%{release}.%{_target_cpu}-shebangs.txt}
%global vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
-%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Red Hat Test Certificate"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
+%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Rocky Test Cert - Rocky Enterprise Software Foundation"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
%global bootcsvaa64 %{expand:%{SOURCE10}}
%global bootcsvia32 %{expand:%{SOURCE11}}
@@ -90,7 +90,7 @@ version signed by the UEFI signing service. \
# -i <input>
%define distrosign(b:a:d:) \
cp -av %{-d*}/%{-b*}%{-a*}.efi %{-b*}%{-a*}-unsigned.efi \
- %{expand:%%sign -i %{-b*}%{-a*}-unsigned.efi -o %{-b*}%{-a*}-signed.efi -n redhatsecureboot501 -a %{SOURCE2} -c %{SOURCE1} }\
+ %{expand:%%sign -i %{-b*}%{-a*}-unsigned.efi -o %{-b*}%{-a*}-signed.efi -n rockybootsigningcert -a %{SOURCE90000} -c %{SOURCE90001} }\
%{nil}
# -a <efiarch>
diff --git a/SPECS/shim.spec b/SPECS/shim.spec
index e73f31f..f4e1adf 100644
--- a/SPECS/shim.spec
+++ b/SPECS/shim.spec
@@ -27,6 +27,8 @@ Source12: BOOTX64.CSV
Source22: shimx64.efi
#Source13: BOOTARM.CSV
#Source23: shimarm.efi
+Source90000: rocky-root-ca.der
+Source90001: rocky-signing.der
%include %{SOURCE0}
--
2.31.1
From 5dc1fd8450db68b6cb046bd4efa2cad7b0f214ab Mon Sep 17 00:00:00 2001
From: Sherif Nagy <sherif@rockylinux.org>
Date: Thu, 27 May 2021 00:20:04 +0100
Subject: [PATCH] fixing required build release numbers
---
SOURCES/shim.rpmmacros | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/SOURCES/shim.rpmmacros b/SOURCES/shim.rpmmacros
index 24990c0..13bb02a 100644
--- a/SOURCES/shim.rpmmacros
+++ b/SOURCES/shim.rpmmacros
@@ -13,9 +13,9 @@
%global shimefix64 %{expand:%{SOURCE22}}
#%%global shimefiarm %%{expand:%%{SOURCE23}
-%global shimveraa64 15-7.el8_1
-%global shimveria32 15.4-4.el8_1
-%global shimverx64 15.4-4.el8_1
+%global shimveraa64 15-7.el8.1
+%global shimveria32 15.4-4.el8.1
+%global shimverx64 15.4-4.el8.1
#%%global shimverarm 15-1.el8
%global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64
--
2.31.1
Binary files a/ROCKY/_supporting/BOOTAA64.CSV and /dev/null differ
Binary files a/ROCKY/_supporting/BOOTIA32.CSV and /dev/null differ
Binary files a/ROCKY/_supporting/BOOTX64.CSV and /dev/null differ
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment