Your message dated Wed, 27 Mar 2019 21:42:00 +0000 with message-id <9e1e5d05-1167-08dc-be18-950747c82...@thykier.net> and subject line Re: Bug#925436: unblock: fwupdate/12-4 has caused the Debian Bug report #925436, regarding unblock: fwupdate/12-4 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 925436: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925436 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock Please unblock package fwupdate I've just made the last minor tweaks around the signing service json setup needed for UEFI Secure Boot support in Debian. There are also a couple of small ignorable Ubuntu packaging diffs, and the addition of a Recommends to also pull in the -signed version when possible during installation. Here's the debdiff. diff -Nru fwupdate-12/debian/changelog fwupdate-12/debian/changelog --- fwupdate-12/debian/changelog 2018-08-06 05:08:34.000000000 +0100 +++ fwupdate-12/debian/changelog 2019-03-25 00:47:29.000000000 +0000 @@ -1,3 +1,19 @@ +fwupdate (12-4) unstable; urgency=medium + + [ Steve McIntyre ] + * debian/gen_signing_json: Update the format of the json metadata to + match new requirements: + + Move all the data under a new top-level "packages" key + + Add an empty "trusted_certs" key - our binaries do not do any + further verification with an embedded key. + + [ Mario Limonciello ] + * Install signed packages for secure boot automatically + * Use a virtual package fwupdate-signed to resolve the correct package + * Stop producing UEFI archive for Ubuntu signed images (LP: #1787254) + + -- Steve McIntyre <93...@debian.org> Mon, 25 Mar 2019 00:47:29 +0000 + fwupdate (12-3) unstable; urgency=medium * debian/rules: fix libexecdir location (Closes: #905549) diff -Nru fwupdate-12/debian/control fwupdate-12/debian/control --- fwupdate-12/debian/control 2018-08-06 05:02:24.000000000 +0100 +++ fwupdate-12/debian/control 2019-03-08 22:23:42.000000000 +0000 @@ -26,6 +26,7 @@ Architecture: amd64 i386 armhf arm64 Multi-Arch: foreign Depends: ${shlibs:Depends}, ${misc:Depends}, libfwup1 (= ${binary:Version}), efibootmgr, e2fsprogs +Recommends: fwupdate-signed Description: Tools to manage UEFI firmware updates fwupdate provides functionality to update system firmware. It has been initially designed to update firmware using UEFI capsule updates, but diff -Nru fwupdate-12/debian/gen_signing_json fwupdate-12/debian/gen_signing_json --- fwupdate-12/debian/gen_signing_json 2018-08-06 05:02:24.000000000 +0100 +++ fwupdate-12/debian/gen_signing_json 2019-03-08 23:22:43.000000000 +0000 @@ -16,9 +16,14 @@ rm -f $OUT -printf '{"%s": {\n' "${SOURCE}" >> $OUT -printf ' "files": [ \n' >> $OUT -printf ' {"sig_type": "efi", "file": "%s"}\n' "${BINARY}" >> $OUT -printf ' ]\n' >> $OUT -printf '} }\n' >> $OUT +printf '{\n' >> $OUT +printf ' "packages": {\n' >> $OUT +printf ' "%s": {\n' "${SOURCE}" >> $OUT +printf ' "trusted_certs": [],\n' >> $OUT +printf ' "files": [ \n' >> $OUT +printf ' {"sig_type": "efi", "file": "%s"}\n' "${BINARY}" >> $OUT +printf ' ]\n' >> $OUT +printf ' }\n' >> $OUT +printf ' }\n' >> $OUT +printf '}\n' >> $OUT diff -Nru fwupdate-12/debian/rules fwupdate-12/debian/rules --- fwupdate-12/debian/rules 2018-08-06 05:07:22.000000000 +0100 +++ fwupdate-12/debian/rules 2019-03-08 22:23:42.000000000 +0000 @@ -10,7 +10,6 @@ SB_STYLE := debian ifeq (yes,$(shell dpkg-vendor --derives-from Ubuntu && echo yes)) SB_STYLE := ubuntu - tar_name := fwupdate_$(deb_version)_$(DEB_HOST_ARCH).tar.gz else TMPLDIR := debian/fwupdate-$(DEB_HOST_ARCH)-signed-template/usr/share/code-signing/fwupdate-$(DEB_HOST_ARCH)-signed-template endif @@ -68,17 +67,6 @@ override_dh_auto_clean: dh_auto_clean -- EFIDIR=$(EFIDIR) -ifeq (ubuntu,$(SB_STYLE)) - rm -rf debian/fwupdate-images -endif override_dh_builddeb: dh_builddeb -- -Zxz -ifeq (ubuntu,$(SB_STYLE)) - mkdir -p debian/fwupdate-images/$(deb_version) - cp efi/fwup*.efi debian/fwupdate-images/$(deb_version) - echo $(deb_version) \ - > debian/fwupdate-images/$(deb_version)/version - cd debian/fwupdate-images && tar czvf ../../../$(tar_name) . - dpkg-distaddfile $(tar_name) raw-uefi - -endif diff -Nru fwupdate-12/debian/signing-template/control fwupdate-12/debian/signing-template/control --- fwupdate-12/debian/signing-template/control 2018-08-06 05:02:24.000000000 +0100 +++ fwupdate-12/debian/signing-template/control 2019-03-08 22:23:42.000000000 +0000 @@ -12,6 +12,7 @@ Package: fwupdate-SIGNARCH-signed Section: admin Architecture: SIGNARCH +Provides: fwupdate-signed Depends: ${shlibs:Depends}, ${misc:Depends}, fwupdate (= SIGNVERSION) Description: Tools to manage UEFI firmware updates (signed) fwupdate provides functionality to update system firmware. It has been unblock fwupdate/12-4 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---On Wed, 27 Mar 2019 21:11:00 +0000 Niels Thykier <ni...@thykier.net> wrote: > Ansgar Burchardt: > > Steve McIntyre writes: > >> Please unblock package fwupdate > > > > Please also unblock > > > > fwupdate-amd64-signed/12+4 > > fwupdate-arm64-signed/12+4 > > fwupdate-armhf-signed/12+4 > > fwupdate-i386-signed/12+4 > > > > at the same time. > > > > Ansgar > > > > Unblocked, thanks. > ~Niels > > > With a -done this time.
--- End Message ---
