With two integrity check methods available (checksums and pgp
signatures) it should be possible to skip only one of them.
When checksums are disabled and the public key of one source file
signature is unknown, stop the build process.
---
 doc/makepkg.8.txt     |    3 +++
 scripts/makepkg.sh.in |    8 ++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/doc/makepkg.8.txt b/doc/makepkg.8.txt
index bc1ffc1..b032fd4 100644
--- a/doc/makepkg.8.txt
+++ b/doc/makepkg.8.txt
@@ -90,6 +90,9 @@ Options
 *\--skippgpcheck*::
        Do not verify PGP signatures of the source files.
 
+*\--skipchecksums*::
+       Do not verify source files with checksums.
+
 *-h, \--help*::
        Output syntax and command line options.
 
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 20ba431..b28c702 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -58,6 +58,7 @@ INFAKEROOT=0
 GENINTEG=0
 SKIPINTEG=0
 SKIPPGPCHECK=0
+SKIPCHECKSUMS=0
 INSTALL=0
 NOBUILD=0
 NODEPS=0
@@ -631,6 +632,7 @@ generate_checksums() {
 
 check_checksums() {
        (( ! ${#source[@]} )) && return 0
+       (( SKIPCHECKSUMS )) && return 0
 
        local correlation=0
        local integ required
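Review bot: The new early return `(( SKIPCHECKSUMS )) && return 0` in check_checksums is silent, so a build log gives no sign that checksum verification was bypassed. Printing a notice before returning would leave an audit trail, for example `if (( SKIPCHECKSUMS )); then echo "$(gettext "Skipping verification of source file checksums.")" >&2; return 0; fi`. Nothing in the visible hunks stops --skipchecksums and --skippgpcheck from being passed together, which would leave the sources entirely unverified; that combination may deserve an explicit warning. The body of check_checksums continues outside the hunk.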
@@ -719,7 +721,7 @@ check_pgpsigs() {
                if ! gpg --quiet --batch --status-file "$statusfile" --verify 
"$file" "$sourcefile" 2> /dev/null; then
                        if grep "NO_PUBKEY" "$statusfile" > /dev/null; then
                                echo "$(gettext "Warning: Unknown public key") 
$(awk '/NO_PUBKEY/ {print $3}' $statusfile)" >&2
-                               warnings=1
+                               (( SKIPCHECKSUMS )) && errors=1 || warnings=1
                        else
                                echo "$(gettext "FAILED")" >&2
                                errors=1
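Review bot: The escalation `(( SKIPCHECKSUMS )) && errors=1 || warnings=1` keys only on the flag, not on whether a checksum was actually verified for this source file. If check_checksums can succeed without verifying anything (the help text for --skipinteg suggests missing checks do not fail; that code is not visible here), an unknown key still only warns and the file is used unverified. Consider basing the decision on whether a checksum really covered the file, and writing it as `if (( SKIPCHECKSUMS )); then errors=1; else warnings=1; fi` so the fallback cannot fire by accident if the first branch is ever changed to something that can fail. The message printed on the error path still begins with "Warning:", which will mislead whoever reads the log of a stopped build. check_pgpsigs starts and ends outside the hunk.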
@@ -1802,6 +1804,7 @@ usage() {
        printf "$(gettext "  --sign           Sign the resulting package with 
%s")\n" "gpg"
        echo "$(gettext "  --skipinteg      Do not fail when integrity checks 
are missing")"
        echo "$(gettext "  --skippgpcheck   Do not verify source files with pgp 
signatures")"
+       echo "$(gettext "  --skipchecksums  Do not verify source files with 
checksums")"
        echo "$(gettext "  --source         Generate a source-only tarball 
without downloaded sources")"
        echo
        printf "$(gettext "These options can be passed to %s:")\n" "pacman"
@@ -1840,7 +1843,7 @@ 
OPT_LONG+=",noextract,force,forcever:,geninteg,help,holdver,skippgpcheck"
 OPT_LONG+=",install,key:,log,nocolor,nobuild,nocheck,nosign,pkg:,rmdeps"
 OPT_LONG+=",repackage,skipinteg,sign,source,syncdeps,version,config:"
 # Pacman Options
-OPT_LONG+=",noconfirm,noprogressbar"
+OPT_LONG+=",noconfirm,noprogressbar,skipchecksums"
 OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@" || echo 'PARSE_OPTIONS 
FAILED')"
 if [[ $OPT_TEMP = *'PARSE_OPTIONS FAILED'* ]]; then
        # This is a small hack to stop the script bailing with 'set -e'
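Review bot: `skipchecksums` is appended to the OPT_LONG line under the `# Pacman Options` comment, but according to the usage text it is a makepkg option, not one passed to pacman. Placing it beside the related options in the lines above keeps the grouping accurate, for example `OPT_LONG+=",repackage,skipinteg,skipchecksums,sign,source,syncdeps,version,config:"`.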
@@ -1879,6 +1882,7 @@ while true; do
                -o|--nobuild)     NOBUILD=1 ;;
                -p)               shift; BUILDFILE=$1 ;;
                --skippgpcheck)   SKIPPGPCHECK=1;;
+               --skipchecksums)  SKIPCHECKSUMS=1;;
                --pkg)            shift; PKGLIST=($1) ;;
                -r|--rmdeps)      RMDEPS=1 ;;
                -R|--repackage)   REPKG=1 ;;
-- 
1.7.6

