On Mon, 2023-01-23 at 16:31 +0100, Roberto Sassu wrote: > On Mon, 2023-01-23 at 09:40 -0500, Mimi Zohar wrote: > > Hi Roberto, > > > > On Thu, 2023-01-12 at 13:24 +0100, Roberto Sassu wrote: > > > + > > > +key_path="/lib/modules/$(uname -r)/source/certs/signing_key.pem" > > > +if [ -f "$PWD/../signing_key.pem" ]; then > > > + key_path=$PWD/../signing_key.pem > > > +fi > > > + > > > > For testing locally, how about first checking the file exists, before > > setting key_path? On not finding it, perhaps check whether > > "/lib/modules/$(uname -r)/build/certs/signing_key.pem" exists. > > The precedence is: > > TST_KEY_PATH -> ../signing_key.pem -> /lib/modules... This is still /lib/modules, just not "source/", but "build/". -key_path="/lib/modules/$(uname -r)/source/certs/signing_key.pem" +if [ -f "/lib/modules/$(uname -r)/source/certs/signing_key.pem" ]; then + key_path="/lib/modules/$(uname -r)/source/certs/signing_key.pem" +elif [ -f "/lib/modules/$(uname -r)/build/certs/signing_key.pem" ]; then + key_path="/lib/modules/$(uname -r)/build/certs/signing_key.pem" +fi + Mimi > > If TST_KEY_PATH is not found, probably it is a good idea to not > fallback to the other alternatives, as it is user input.
