install apk keys and binfmt data with setup.py
This commit is contained in:
parent
cff9185401
commit
1f8832c4cc
|
@ -1 +1,2 @@
|
|||
include LICENSE
|
||||
recursive-include pmb/data *
|
||||
|
|
|
@ -56,8 +56,9 @@ def read_signature_info(tar):
|
|||
logging.debug("sigkey: " + sigkey)
|
||||
|
||||
# Get path to keyfile on disk
|
||||
sigkey_path = pmb.config.pmb_src + "/keys/" + sigkey
|
||||
sigkey_path = pmb.config.apk_keys_path + "/" + sigkey
|
||||
if "/" in sigkey or not os.path.exists(sigkey_path):
|
||||
logging.debug("sigkey_path: " + sigkey_path)
|
||||
raise RuntimeError("Invalid signature key: " + sigkey)
|
||||
|
||||
return (sigfilename, sigkey_path)
|
||||
|
|
|
@ -32,7 +32,7 @@ from pmb.config.merge_with_args import merge_with_args
|
|||
#
|
||||
version = "0.9.0"
|
||||
pmb_src = os.path.normpath(os.path.realpath(__file__) + "/../../..")
|
||||
apk_keys_path = pmb_src + "/keys"
|
||||
apk_keys_path = pmb_src + "/pmb/data/keys"
|
||||
|
||||
# Update this frequently to prevent a MITM attack with an outdated version
|
||||
# (which may contain a vulnerable apk/libressl, and allows an attacker to
|
||||
|
|
|
@ -26,7 +26,7 @@ import pmb.config
|
|||
def binfmt_info(args, arch_qemu):
|
||||
# Parse the info file
|
||||
full = {}
|
||||
info = pmb.config.pmb_src + "/data/qemu-user-binfmt.txt"
|
||||
info = pmb.config.pmb_src + "/pmb/data/qemu-user-binfmt.txt"
|
||||
logging.verbose("parsing: " + info)
|
||||
with open(info, "r") as handle:
|
||||
for line in handle:
|
||||
|
|
|
@ -26,6 +26,7 @@ import pytest
|
|||
pmb_src = os.path.realpath(os.path.join(os.path.dirname(__file__) + "/.."))
|
||||
sys.path.append(pmb_src)
|
||||
import pmb.chroot.apk_static
|
||||
import pmb.config
|
||||
import pmb.parse.apkindex
|
||||
import pmb.helpers.logging
|
||||
|
||||
|
@ -70,7 +71,7 @@ def test_read_signature_info(args):
|
|||
assert "Invalid signature key" in str(e.value)
|
||||
|
||||
# Signature file with realistic name
|
||||
path = glob.glob(pmb_src + "/keys/*.pub")[0]
|
||||
path = glob.glob(pmb.config.apk_keys_path + "/*.pub")[0]
|
||||
name = os.path.basename(path)
|
||||
path_archive = "sbin/apk.static.SIGN.RSA." + name
|
||||
pmb.chroot.user(args, ["mv", tmp_path + "/sbin/apk.static.SIGN.RSA.invalid.pub",
|
||||
|
|
|
@ -27,6 +27,7 @@ sys.path.append(os.path.realpath(
|
|||
os.path.join(os.path.dirname(__file__) + "/..")))
|
||||
import pmb.parse.apkindex
|
||||
import pmb.helpers.logging
|
||||
import pmb.config
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
|
@ -66,7 +67,7 @@ def test_keys(args):
|
|||
assert len(keys_upstream)
|
||||
|
||||
# Check if the keys are mirrored correctly
|
||||
mirror_path_keys = os.path.dirname(__file__) + "/../keys"
|
||||
mirror_path_keys = pmb.config.apk_keys_path
|
||||
for key, original_path in keys_upstream.items():
|
||||
mirror_path = mirror_path_keys + "/" + key
|
||||
assert filecmp.cmp(mirror_path, original_path, False)
|
||||
|
|
Loading…
Reference in New Issue