|
|
@ -605,7 +605,7 @@ openssl x509 -inform der -in %{SOURCE100} -out rheldup3.pem
|
|
|
|
openssl x509 -inform der -in %{SOURCE101} -out rhelkpatch1.pem
|
|
|
|
openssl x509 -inform der -in %{SOURCE101} -out rhelkpatch1.pem
|
|
|
|
openssl x509 -inform der -in %{SOURCE102} -out rhelimaca1.pem
|
|
|
|
openssl x509 -inform der -in %{SOURCE102} -out rhelimaca1.pem
|
|
|
|
|
|
|
|
|
|
|
|
cat rheldup3.pem rhelkpatch1.pem > certs/rhel.pem
|
|
|
|
cat rheldup3.pem rhelkpatch1.pem rhelimaca1.pem > certs/rhel.pem
|
|
|
|
for i in config-%{version}-*; do
|
|
|
|
for i in config-%{version}-*; do
|
|
|
|
sed -i 's@CONFIG_SYSTEM_TRUSTED_KEYS="*"@CONFIG_SYSTEM_TRUSTED_KEYS="certs/rhel.pem"@' $i
|
|
|
|
sed -i 's@CONFIG_SYSTEM_TRUSTED_KEYS="*"@CONFIG_SYSTEM_TRUSTED_KEYS="certs/rhel.pem"@' $i
|
|
|
|
done
|
|
|
|
done
|
|
|
@ -729,7 +729,7 @@ popd > /dev/null
|
|
|
|
%define __modsign_install_post \
|
|
|
|
%define __modsign_install_post \
|
|
|
|
if [ "%{signmodules}" -eq "1" ]; then \
|
|
|
|
if [ "%{signmodules}" -eq "1" ]; then \
|
|
|
|
if [ "%{with_std}" -ne "0" ]; then \
|
|
|
|
if [ "%{with_std}" -ne "0" ]; then \
|
|
|
|
%{SOURCE21} certs/signing_key.pem.sign certs/signing_key.x509.sign $RPM_BUILD_ROOT/lib/modules/%{KVERREL}/ \
|
|
|
|
%{SOURCE21} linux-%{version}-%{release}.x86_64/certs/signing_key.pem.sign linux-%{version}-%{release}.x86_64/certs/signing_key.x509.sign $RPM_BUILD_ROOT/lib/modules/%{KVERREL}/ \
|
|
|
|
fi \
|
|
|
|
fi \
|
|
|
|
fi \
|
|
|
|
fi \
|
|
|
|
if [ "%{zipmodules}" -eq "1" ]; then \
|
|
|
|
if [ "%{zipmodules}" -eq "1" ]; then \
|
|
|
|