Re: Plan of action for Secure Boot support

To: debian-kernel@lists.debian.org, debian-boot@lists.debian.org, debian-cd@lists.debian.org, pkg-grub-devel@lists.alioth.debian.org
Subject: Re: Plan of action for Secure Boot support
From: Bastian Blank <waldi@debian.org>
Date: Wed, 14 Aug 2013 11:49:25 +0200
Message-id: <[🔎] 20130814094925.GA16139@mail.waldi.eu.org>
Mail-followup-to: debian-kernel@lists.debian.org, debian-boot@lists.debian.org, debian-cd@lists.debian.org, pkg-grub-devel@lists.alioth.debian.org
In-reply-to: <[🔎] 1376433055.11676.53.camel@deadeye.wl.decadent.org.uk>
References: <[🔎] 1376427261.11676.35.camel@deadeye.wl.decadent.org.uk> <[🔎] 20130813213857.GA25311@mraw.org> <[🔎] 1376433055.11676.53.camel@deadeye.wl.decadent.org.uk>

On Wed, Aug 14, 2013 at 12:30:55AM +0200, Ben Hutchings wrote:
> Editing of binary packages is icky, so that's not part of the plan.
> Instead, after dak signs an executable, the package maintainer downloads
> and copies those into a separate 'source' package, which has a trivial
> debian/rules.  (And of course will generate an appropriate 'Built-Using'
> header.)

This will most likely go via by-hand. So a script on the dak side is
needed anyway.

Why not do the dummy source package stuff in this script and let dak do
all the work semi-automatically? It needs a prepared binary tree in a
tar, a list of files to be signed and a DEBIAN dir.

Bastian

-- 
Landru! Guide us!
		-- A Beta 3-oid, "The Return of the Archons", stardate 3157.4

Reply to:

References:
- Plan of action for Secure Boot support
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: Plan of action for Secure Boot support
  - From: Cyril Brulebois <kibi@debian.org>
- Re: Plan of action for Secure Boot support
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Re: Plan of action for Secure Boot support
Next by Date: Request For Free LINUX cd
Previous by thread: Re: Plan of action for Secure Boot support
Next by thread: Request For Free LINUX cd
Index(es):
- Date
- Thread