7 # Update node package repository metadata and sign packages
9 # Mark Huang <mlhuang@cs.princeton.edu>
10 # Copyright (C) 2006 The Trustees of Princeton University
13 # Source function library and configuration
14 . /etc/plc.d/functions
15 . /etc/planetlab/plc_config
22 if [ "$PLC_BOOT_ENABLED" != "1" ] ; then
26 MESSAGE=$"Signing and indexing node packages"
32 if [[ -z "$@" ]] ; then
33 # use all subdirs in install-rpms by default
34 repositories=/var/www/html/install-rpms/*
40 ### availability of repo indexing tools
41 # old one - might be needed for old-style nodes
42 type -p yum-arch > /dev/null && have_yum_arch="true"
44 type -p createrepo > /dev/null && have_createrepo="true"
47 ### copy vserver-PLDISTRO* and vserver-systemslices-PLDISTRO*
48 ### pacakges to each repository to be able to create different
49 ### flavours of vservers on nodes
50 for repository1 in $repositories; do
51 DISTRO=${PLC_FLAVOUR_SLICE_PLDISTRO}
52 VSERVER_PKG=vserver-$(basename $repository1)
53 VSERVER_SYS_SLICES_PKG=vserver-systemslices-$(basename $repository1)
54 for repository2 in $repositories; do
55 if [[ $(basename $repository1) == ${DISTRO}* ]] \
56 && [[ $(basename $repository2) == ${DISTRO}* ]] \
57 && [[ $repository1 != $repository2 ]] ; then
58 ln -s $repository1/${VSERVER_PKG}* $repository2
59 ln -s $repository1/${VSERVER_SYS_SLICES_PKG}* $repository2
64 for repository in $repositories ; do
65 # the rpms that need signing
67 # and the corresponding stamps
69 # is there a need to refresh yum metadata
73 # right after installation, no package is present
74 # but we still need to create index
75 [ -n "$have_yum_arch" -a ! -f $repository/headers/header.info ] && need_yum_arch=true
76 [ -n "$have_createrepo" -a ! -f $repository/repodata/repomd.xml ] && need_createrepo=true
78 for package in $(find $repository/ -name '*.rpm') ; do
79 stamp=$repository/signed-stamps/$(basename $package).signed
80 # If package is newer than signature stamp
81 if [ $package -nt $stamp ] ; then
82 new_rpms="$new_rpms $package"
83 new_stamps="$new_stamps $stamp"
85 # Or than yum-arch headers
86 [ -n "$have_yum_arch" ] && [ $package -nt $repository/headers/header.info ] && need_yum_arch=true
87 # Or than createrepo database
88 [ -n "$have_createrepo" ] && [ $package -nt $repository/repodata/repomd.xml ] && need_createrepo=true
91 if [ -n "$new_rpms" ] ; then
92 # Create a stamp once the package gets signed
93 mkdir $repository/signed-stamps 2> /dev/null
95 # Sign RPMS. setsid detaches rpm from the terminal,
96 # allowing the (hopefully blank) GPG password to be
97 # entered from stdin instead of /dev/tty.
99 --define "_signature gpg" \
100 --define "_gpg_path /etc/planetlab" \
101 --define "_gpg_name $PLC_MAIL_SUPPORT_ADDRESS" \
102 --resign $new_rpms && touch $new_stamps
106 # Update repository index / yum metadata.
108 if [ -n "$need_yum_arch" ] ; then
109 # yum-arch sometimes leaves behind
110 # .oldheaders and .olddata directories accidentally.
111 rm -rf $repository/{.oldheaders,.olddata}
116 if [ -n "$need_createrepo" ] ; then
117 if [ -f $repository/yumgroups.xml ] ; then
118 createrepo --quiet -g yumgroups.xml $repository
120 createrepo --quiet $repository
130 if [[ -z "$@" ]] ; then
131 # use all subdirs in install-rpms by default
132 repositories=/var/www/html/install-rpms/*
138 for repository in $repositories ; do
139 rm -rf $repository/signed-stamps
140 rm -rf $repository/repodata
141 rm -rf $repository/headers
145 echo "Usage: $0 start|clean [repo ..]"