#! /usr/bin/expect -f # # $Id$ # # Sign an RPM file using the GPG agent and/or a given passphrase # without user interaction. # # Usage: # # signrpm.expect [rpmfile1] [rpmfile2] ... # # Environment: # # If the environment variable GPG_USER is set, you may override the # default-key setting in ~/.gnupg/gpg.conf # # If the environment variable GPG_PASSPHRASE is set, send this passphrase # to gpg. # # You might also find some interresting gnupg variables like # GNUPGHOME=/etc/pba/.gnupg # if {[info exists env(GPG_PASSPHRASE)]} { set GPG_PASSPHRASE $env(GPG_PASSPHRASE) } else { set GPG_PASSPHRASE "" } if {[info exists env(GPG_AGENT_INFO)]} { if {[info exists env(GPG_USER)]} { spawn rpm -addsign -D "%__gpg_sign_cmd %{__gpg} --no-verbose --no-armor --passphrase-fd 3 --use-agent --gpg-agent-info $env(GPG_AGENT_INFO) -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" -D "%_gpg_name $env(GPG_USER)" -D "%__gpg_check_password_cmd /bin/true" [lrange $argv 0 0] } else { spawn rpm -addsign -D "%__gpg_sign_cmd %{__gpg} --no-verbose --no-armor --passphrase-fd 3 --use-agent --gpg-agent-info $env(GPG_AGENT_INFO) -sbo %{__signature_filename} %{__plaintext_filename}" -D "%_gpg_name foobar" -D "%__gpg_check_password_cmd /bin/true" [lrange $argv 0 0] } } else { if {[info exists env(GPG_USER)]} { spawn rpm -addsign "%__gpg_sign_cmd %{__gpg} --no-verbose --no-armor --passphrase-fd 3 --no-use-agent -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" -D "%_gpg_name $env(GPG_USER)" -D "%__gpg_check_password_cmd %{__gpg} --batch --no-verbose --passphrase-fd 3 -u \"%{_gpg_name}\" -so -" [lrange $argv 0 0] } else { spawn rpm -addsign -D "%__gpg_sign_cmd %{__gpg} --no-verbose --no-armor --passphrase-fd 3 --no-use-agent -sbo %{__signature_filename} %{__plaintext_filename}" -D "%_gpg_name foobar" -D "%__gpg_check_password_cmd %{__gpg} --batch --no-verbose --passphrase-fd 3 -so -" [lrange $argv 0 0] } } expect { "Enter pass phrase:" { send "$GPG_PASSPHRASE\r"; exp_continue } eof { exit } }