7 # Update node package repository metadata and sign packages
9 # Mark Huang <mlhuang@cs.princeton.edu>
10 # Copyright (C) 2006 The Trustees of Princeton University
13 # Source function library and configuration
14 . /etc/plc.d/functions
15 . /etc/planetlab/plc_config
22 if [ "$PLC_BOOT_ENABLED" != "1" ] ; then
26 MESSAGE=$"Signing and indexing node packages"
32 if [[ -z "$@" ]] ; then
33 # use all subdirs in install-rpms by default
34 repositories=/var/www/html/install-rpms/*
40 ### availability of repo indexing tools
41 # old one - might be needed for old-style nodes
42 type -p yum-arch > /dev/null && have_yum_arch="true"
44 type -p createrepo > /dev/null && have_createrepo="true"
47 ### symlink vserver-PLDISTRO* and vserver-systemslices-PLDISTRO*
48 ### packages to each repository to be able to create different
49 ### flavours of vservers on nodes
50 for repository1 in $repositories; do
51 DISTRO=${PLC_FLAVOUR_SLICE_PLDISTRO}
52 VSERVER_PKG=vserver-$(basename $repository1)
53 VSERVER_SYS_SLICES_PKG=vserver-systemslices-$(basename $repository1)
54 for repository2 in $repositories; do
55 if [[ $(basename $repository1) == ${DISTRO}* ]] \
56 && [[ $(basename $repository2) == ${DISTRO}* ]] \
57 && [[ $repository1 != $repository2 ]] ; then
58 rm -rf $repository2/${VSERVER_PKG}*
59 rm -rf $repository2/${VSERVER_SYS_SLICES_PKG}*
61 ln -s $repository1/${VSERVER_PKG}* $repository2
62 ln -s $repository1/${VSERVER_SYS_SLICES_PKG}* $repository2
67 for repository in $repositories ; do
68 # the rpms that need signing
70 # and the corresponding stamps
72 # is there a need to refresh yum metadata
74 need_createrepo=true # always run createrepo as links may change for vserver packages
76 # right after installation, no package is present
77 # but we still need to create index
78 [ -n "$have_yum_arch" -a ! -f $repository/headers/header.info ] && need_yum_arch=true
79 [ -n "$have_createrepo" -a ! -f $repository/repodata/repomd.xml ] && need_createrepo=true
81 for package in $(find $repository/ -name '*.rpm') ; do
82 stamp=$repository/signed-stamps/$(basename $package).signed
83 # If package is newer than signature stamp
84 if [ $package -nt $stamp ] ; then
85 new_rpms="$new_rpms $package"
86 new_stamps="$new_stamps $stamp"
88 # Or than yum-arch headers
89 [ -n "$have_yum_arch" ] && [ $package -nt $repository/headers/header.info ] && need_yum_arch=true
90 # Or than createrepo database
91 [ -n "$have_createrepo" ] && [ $package -nt $repository/repodata/repomd.xml ] && need_createrepo=true
94 if [ -n "$new_rpms" ] ; then
95 # Create a stamp once the package gets signed
96 mkdir $repository/signed-stamps 2> /dev/null
98 # Sign RPMS. setsid detaches rpm from the terminal,
99 # allowing the (hopefully blank) GPG password to be
100 # entered from stdin instead of /dev/tty.
102 --define "_signature gpg" \
103 --define "_gpg_path /etc/planetlab" \
104 --define "_gpg_name $PLC_MAIL_SUPPORT_ADDRESS" \
105 --resign $new_rpms && touch $new_stamps
109 # Update repository index / yum metadata.
111 if [ -n "$need_yum_arch" ] ; then
112 # yum-arch sometimes leaves behind
113 # .oldheaders and .olddata directories accidentally.
114 rm -rf $repository/{.oldheaders,.olddata}
119 if [ -n "$need_createrepo" ] ; then
120 if [ -f $repository/yumgroups.xml ] ; then
121 createrepo --quiet -g yumgroups.xml $repository
123 createrepo --quiet $repository
133 if [[ -z "$@" ]] ; then
134 # use all subdirs in install-rpms by default
135 repositories=/var/www/html/install-rpms/*
141 for repository in $repositories ; do
142 rm -rf $repository/signed-stamps
143 rm -rf $repository/repodata
144 rm -rf $repository/headers
148 echo "Usage: $0 start|clean [repo ..]"