diff options
| author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-10-11 19:51:54 +0200 |
|---|---|---|
| committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-10-11 22:14:29 +0200 |
| commit | b8697cf55e65c143897b10b0e580ec00a57b0d6b (patch) | |
| tree | 3c1d440d3ab81e48e4f97599af155e222a30f15d | |
| parent | 47ee59d0d8f4833e3074cd265a1cba3da54ce22e (diff) | |
| download | vendor_replicant-b8697cf55e65c143897b10b0e580ec00a57b0d6b.tar.gz vendor_replicant-b8697cf55e65c143897b10b0e580ec00a57b0d6b.tar.bz2 vendor_replicant-b8697cf55e65c143897b10b0e580ec00a57b0d6b.zip | |
Update key-migration.sh to sync with vendor_replicant-scripts
The gen_key_migration_script script was modified to generate a
key-migration.sh script that can run multiple times.
In addition, prints were added to inform the user of the script
success of failure.
So we need to update the generated script as well for the changes
to be taken into account.
This modified version was generated with the following command in
the top directory of the replicant-6.0 source code:
$ ./vendor/replicant-scripts/images/gen_key_migration_script/gen_key_migration_script.py \
gen-script \
vendor/replicant/prebuilt/common/bin/key-migration.sh \
vendor/replicant-data/distros/releases/certificates/ \
vendor/replicant-security/
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| -rw-r--r-- | prebuilt/common/bin/key-migration.sh | 34 |
1 files changed, 16 insertions, 18 deletions
diff --git a/prebuilt/common/bin/key-migration.sh b/prebuilt/common/bin/key-migration.sh index 9f04960b..81665199 100644 --- a/prebuilt/common/bin/key-migration.sh +++ b/prebuilt/common/bin/key-migration.sh @@ -14,21 +14,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -PACKAGES=/data/system/packages.xml -PACKAGES_BACKUP=/data/system/packages-backup.xml -MIGRATION_DONE=/data/system/.key-migration-done - -if [ -f ${MIGRATION_DONE} ]; then - exit 0 -fi - -if [ ! -f ${PACKAGES_BACKUP} ] && [ ! -f ${PACKAGES} ]; then - touch ${MIGRATION_DONE} - exit 0 -fi - -if [ -f ${PACKAGES_BACKUP} ]; then - mv ${PACKAGES_BACKUP} ${PACKAGES} +PACKAGES="/data/system/packages.xml" + +if [ ! -f "${PACKAGES}" ]; then + echo "Cannot migrate keys due to missing ${PACKAGES}:" + echo "- If /data is not mounted, you might need to mount it" + echo "- If /data is already mounted, maybe the data partition is blank." + echo " In this case you can skip running this script." + exit 0 fi ##################### @@ -483,7 +476,12 @@ sed \ "s#${old_replicant_4_2_0003_shared_PEM_pubkey}#${new_shared_PEM_pubkey}#g" \ -i ${PACKAGES} -chmod 660 ${PACKAGES} -chown system:system ${PACKAGES} +if [ "$(find /data/system/packages.xml -perm 660)" != "${PACKAGES}" ] ; then + chmod 660 ${PACKAGES} +fi + +if [ "$(find /data/system/packages.xml -user system -group system)" != "${PACKAGES}" ] ; then + chown system:system ${PACKAGES} +fi -touch ${MIGRATION_DONE}
\ No newline at end of file +echo "Key migration done"
\ No newline at end of file |