[fedora-packager] add fedora-burn-yubikey and its dep ykpers split fedora-cert out on its own
Dennis Gilmore
ausil at fedoraproject.org
Sun Oct 10 16:35:35 UTC 2010
commit 5a39cdeacb7b6d07d0c229b8591549a37d8343ef
Author: Dennis Gilmore <dennis at ausil.us>
Date: Sun Oct 10 11:34:54 2010 -0500
add fedora-burn-yubikey and its dep ykpers
split fedora-cert out on its own
0001-add-fedora-burn-yubikey-script.patch | 96 ++++++++++++++++++++
...-install-fedora-burn-yubikey-into-sbindir.patch | 46 ++++++++++
...and-copyright-info-for-fedora-burn-yubike.patch | 31 +++++++
fedora-packager.spec | 36 +++++++-
4 files changed, 206 insertions(+), 3 deletions(-)
---
diff --git a/0001-add-fedora-burn-yubikey-script.patch b/0001-add-fedora-burn-yubikey-script.patch
new file mode 100644
index 0000000..04ec0a3
--- /dev/null
+++ b/0001-add-fedora-burn-yubikey-script.patch
@@ -0,0 +1,96 @@
+From 01c90fffc927dc8c4edd71bb9a852ae4b2aabf41 Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis at ausil.us>
+Date: Fri, 24 Sep 2010 11:23:43 -0500
+Subject: [PATCH 1/3] add fedora-burn-yubikey script
+ used for setting up yubikeys for fedora
+
+---
+ src/fedora-burn-yubikey.py | 76 ++++++++++++++++++++++++++++++++++++++++++++
+ 1 files changed, 76 insertions(+), 0 deletions(-)
+ create mode 100644 src/fedora-burn-yubikey.py
+
+diff --git a/src/fedora-burn-yubikey.py b/src/fedora-burn-yubikey.py
+new file mode 100644
+index 0000000..03f7ad9
+--- /dev/null
++++ b/src/fedora-burn-yubikey.py
+@@ -0,0 +1,76 @@
++#!/usr/bin/python
++
++# ykpersonalize -ofixed=ccccccccccci -afcaa0c5bf2e83ec040e4aeb7f8565293 -ouid=1e7f1da7d6d1
++from fedora.client import AccountSystem, AuthError
++from getpass import getpass, getuser
++import subprocess, sys, gettext
++from optparse import OptionParser
++
++t = gettext.translation('fas', '/usr/share/locale', fallback = True)
++_ = t.gettext
++
++parser = OptionParser(version = "0.1")
++parser.add_option('-u', '--username',
++ dest = 'username',
++ default = None,
++ metavar = 'username',
++ help = _('Fedora Account System username'))
++parser.add_option('-U', '--url',
++ dest = 'url',
++ default = 'https://admin.fedoraproject.org/accounts/',
++ metavar = 'url',
++ help = _('FAS URL (Default: https://admin.fedoraproject.org/accounts/'))
++
++(opts, args) = parser.parse_args()
++
++if not opts.username:
++ print _('Please provide a username.')
++ parser.print_help()
++ sys.exit(0)
++
++if not getuser() == 'root':
++ print _('''Please run this program as root as it will need to write
++directly to the yubikey usb''')
++ sys.exit(5)
++
++print _(
++'''
++Attention: You are about to reprogram your yubikey! Please ensure it is
++plugged in to your USB slot before continuing. The secret key currently on
++your yubikey will be destroyed as part of this operation!
++
++''')
++
++print 'Contacting %s' % opts.url
++password = getpass('Password for %s: ' % opts.username)
++
++fas = AccountSystem(username=opts.username, password=password, base_url=opts.url)
++try:
++ new_key = fas.send_request('yubikey/genkey', auth=True)
++except AuthError, e:
++ print e
++ sys.exit(1)
++
++print
++print _('New key generated in FAS, attempting to burn to yubikey')
++print
++
++opts = new_key['key'].split()
++
++try:
++ retcode = subprocess.call(['/usr/bin/ykpersonalize',
++ '-ofixed=%s' % opts[0],
++ '-a%s' % opts[2],
++ '-ouid=%s' % opts[1]])
++except KeyboardInterrupt:
++ print _('''
++Burn attempt cancelled by user! Note: Even though the key did not get burned
++onto your key, FAS did generate a new one. This just means that if you did
++previously burn a different key, it will no longer work.
++''')
++ retcode=1
++
++if retcode:
++ print "There was an error writing to your yubi key"
++else:
++ print "Success! Your Yubikey ID is %s" % opts[0]
+--
+1.7.3.1
+
diff --git a/0002-install-fedora-burn-yubikey-into-sbindir.patch b/0002-install-fedora-burn-yubikey-into-sbindir.patch
new file mode 100644
index 0000000..4763e26
--- /dev/null
+++ b/0002-install-fedora-burn-yubikey-into-sbindir.patch
@@ -0,0 +1,46 @@
+From b6ef8f00e9e655364bbfab886fe355665215378a Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis at ausil.us>
+Date: Fri, 24 Sep 2010 11:29:39 -0500
+Subject: [PATCH 2/3] install fedora-burn-yubikey into sbindir
+
+---
+ Makefile.am | 10 +++++++++-
+ 1 files changed, 9 insertions(+), 1 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 57b9cdb..4df6dbb 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -11,13 +11,17 @@ bin_SCRIPTS = fedora-cvs \
+ arm-koji \
+ ppc-koji
+
+-CLEANFILES = $(bin_SCRIPTS)
++sbin_SCRIPTS = fedora-burn-yubikey
++
++CLEANFILES = $(bin_SCRIPTS) $(sbin_SCRIPTS)
++
+ EXTRA_DIST = src/fedora-cvs.py \
+ src/fedora-packager-setup.py \
+ src/fedoradev-pkgowners \
+ src/fedora-cert.py \
+ src/fedora-getsvn \
+ src/fedora-hosted.py \
++ src/fedora-burn-yubikey.py \
+ src/rpmbuild-md5 \
+ src/fedpkg.py \
+ src/secondary-koji \
+@@ -47,6 +51,10 @@ fedora-hosted: $(srcdir)/src/fedora-hosted.py
+ rm -f fedora-hosted
+ install -p -m 755 -T $(srcdir)/src/fedora-hosted.py fedora-hosted
+
++fedora-burn-yubikey: $(srcdir)/src/fedora-burn-yubikey.py
++ rm -f fedora-burn-yubikey
++ install -p -m 755 -T $(srcdir)/src/fedora-burn-yubikey.py fedora-burn-yubikey
++
+ rpmbuild-md5: $(srcdir)/src/rpmbuild-md5
+ rm -f rpmbuild-md5
+ install -p -m 755 -T $(srcdir)/src/rpmbuild-md5 rpmbuild-md5
+--
+1.7.3.1
+
diff --git a/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch b/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
new file mode 100644
index 0000000..97b2881
--- /dev/null
+++ b/0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
@@ -0,0 +1,31 @@
+From cd3e56bc505a35a71d324a656eb133586a30c59b Mon Sep 17 00:00:00 2001
+From: Dennis Gilmore <dennis at ausil.us>
+Date: Fri, 24 Sep 2010 11:37:13 -0500
+Subject: [PATCH 3/3] add author and copyright info for fedora-burn-yubikey
+
+---
+ src/fedora-burn-yubikey.py | 9 +++++++++
+ 1 files changed, 9 insertions(+), 0 deletions(-)
+
+diff --git a/src/fedora-burn-yubikey.py b/src/fedora-burn-yubikey.py
+index 03f7ad9..1862cee 100644
+--- a/src/fedora-burn-yubikey.py
++++ b/src/fedora-burn-yubikey.py
+@@ -1,5 +1,14 @@
+ #!/usr/bin/python
+
++# Copyright (C) 2010 Red Hat Inc.
++# Author: Mike McGrath <mmcgrath at redhat.com>
++#
++# This program is free software; you can redistribute it and/or modify it
++# under the terms of the GNU General Public License as published by the
++# Free Software Foundation; either version 2 of the License, or (at your
++# option) any later version. See http://www.gnu.org/copyleft/gpl.html for
++# the full text of the license.
++
+ # ykpersonalize -ofixed=ccccccccccci -afcaa0c5bf2e83ec040e4aeb7f8565293 -ouid=1e7f1da7d6d1
+ from fedora.client import AccountSystem, AuthError
+ from getpass import getpass, getuser
+--
+1.7.3.1
+
diff --git a/fedora-packager.spec b/fedora-packager.spec
index 5170123..c8b5f42 100644
--- a/fedora-packager.spec
+++ b/fedora-packager.spec
@@ -4,13 +4,16 @@
Name: fedora-packager
Version: 0.5.1.4
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Tools for setting up a fedora maintainer environment
Group: Applications/Productivity
License: GPLv2+
URL: https://fedorahosted.org/fedora-packager
Source0: https://fedorahosted.org/releases/f/e/fedora-packager/fedora-packager-%{version}.tar.bz2
+Patch0: 0001-add-fedora-burn-yubikey-script.patch
+Patch1: 0002-install-fedora-burn-yubikey-into-sbindir.patch
+Patch2: 0003-add-author-and-copyright-info-for-fedora-burn-yubike.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: python-devel
@@ -21,6 +24,8 @@ Requires: pyOpenSSL python-pycurl
Requires: redhat-rpm-config
Requires: python-offtrac
Requires: fedpkg = %{version}-%{release}
+Requires: fedora-cert = %{version}-%{release}
+Requires: ykpers
BuildArch: noarch
@@ -31,7 +36,7 @@ Set of utilities useful for a fedora packager in setting up their environment.
Summary: fedora utility for working with dist-git
Group: Applications/Databases
Requires: GitPython >= 0.2.0, python-argparse, curl
-Requires: fedora-packager = %{version}-%{release}
+Requires: fedora-cert = %{version}-%{release}
%if 0%{?rhel} == 5 || 0%{?rhel} == 4
Requires: python-kitchen
%endif
@@ -40,9 +45,23 @@ Requires: python-kitchen
Provides the fedpkg command for working with dist-git
+%package -n fedora-cert
+Summary: fedora-cert tool and python library
+Group: Applications/Databases
+Requires: pyOpenSSL
+%if 0%{?rhel} == 5 || 0%{?rhel} == 4
+Requires: python-kitchen
+%endif
+
+%description -n fedora-cert
+Provides fedora-cert and the fedora_cert python library
+
+
%prep
%setup -q
-
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
%build
%configure
@@ -61,7 +80,14 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root,-)
%doc COPYING TODO AUTHORS ChangeLog
%{_bindir}/*
+%{_sbindir}/*
%exclude %{_bindir}/fedpkg
+%exclude %{_bindir}/fedora-cert
+
+%files -n fedora-cert
+%doc COPYING TODO AUTHORS ChangeLog
+%defattr(-,root,root,-)
+%{_bindir}/fedora-cert
%{python_sitelib}/fedora_cert
%files -n fedpkg
@@ -73,6 +99,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Sun Oct 10 2010 Dennis Gilmore <dennis at ausil.us> - 0.5.1.4-2
+- split out fedora-cert tool and library
+- add fedora-burn-yubikey tool
+
* Tue Aug 24 2010 Jesse Keating <jkeating at redhat.com> - 0.5.1.4-1
- Fix setting push.default when cloning with dirs
- Remove build --test option in bash completion
More information about the scm-commits
mailing list