-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
pjones has written a test app to make sure that pesign is running
correctly on the builders. there is two builders specially for the
purpose of building binaries that need to be signed in order for secure
boot to work. i need to make a policy change so that the test app gets
built on the right builders. additionally i need to update pesign on
them for some bug fixes needed for f19 Beta. can i get some +1's please
diff --git a/configs/build/hub.conf.erb b/configs/build/hub.conf.erb
index 604dac9..1d695a7 100644
- --- a/configs/build/hub.conf.erb
+++ b/configs/build/hub.conf.erb
@@ -68,6 +68,8 @@ channel =
method createrepo :: use createrepo
has req_channel :: req
is_child_task :: parent
+#we want pesign-test-app to always go to the secure-boot channel even for scratch builds
+ source */pesign-test-app* && has_perm secure-boot :: use secure-boot
method build && bool scratch :: use default
#policys to deal with secure boot allowing only people in the secure-boot group to build the packages
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iEYEARECAAYFAlGbuSsACgkQkSxm47BaWfe+xgCgu3BYqwQmyxwmWHeAFb7zqAGN
pgMAoIjf/SIKWQdZ5L/jAe1JQVutITkL
=9AAA
-----END PGP SIGNATURE-----
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
