From 12b07ae5af579d7ba0979c14c7b94d5ad1d38ba0 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Tue, 3 Oct 2017 15:50:06 -0700 Subject: [PATCH] move snap assertion handling into the generic build script (and, in the process, from the subiquity overlay to the base squashfs). --- debian/changelog | 2 ++ live-build/auto/build | 24 +++++++++++++++++++ .../hooks/032-installer-squashfs.binary | 16 ------------- 3 files changed, 26 insertions(+), 16 deletions(-) diff --git a/debian/changelog b/debian/changelog index 655e05d9..82a0ed6d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,8 @@ livecd-rootfs (2.465) UNRELEASED; urgency=medium * ubuntu-server: drop hard-coded test key from the subiquity overlay in favor of the generic-classic assertion from the store. + * move snap assertion handling into the generic build script (and, in + the process, from the subiquity overlay to the base squashfs). -- Steve Langasek Tue, 03 Oct 2017 15:31:21 -0700 diff --git a/live-build/auto/build b/live-build/auto/build index 37af4b0e..5f909533 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -297,6 +297,30 @@ deb file:/var/lib/preinstalled-pool/ $LB_DISTRIBUTION $LB_PARENT_ARCHIVE_AREAS > chroot/etc/apt/sources.list rm chroot/etc/apt/sources.list.preinstall chroot/etc/apt/sources.list.orig fi + case $PROJECT:$SUBPROJECT in + ubuntu-server:live) + assertions_dir="chroot/var/lib/snapd/seed/assertions" + model_assertion="$assertions_dir/generic-classic.model" + account_key_assertion="$assertions_dir/generic.account-key" + account_assertion="$assertions_dir/generic.account" + + snap known --remote model series=16 \ + model=generic-classic brand-id=generic \ + > "$model_assertion" + account_key=$(sed -n -e's/sign-key-sha3-384: //p' \ + < "$model_assertion") + + snap known --remote account-key \ + public-key-sha3-384="$account_key" \ + > "$account_key_assertion" + account=$(sed -n -e's/account-id: //p' \ + < "$account_key_assertion") + + snap known --remote account account-id=generic \ + > "$account_assertion" + ;; + esac + if [ "$PROJECT" = "ubuntu-touch" ] || [ "$PROJECT" = "ubuntu-touch-custom" ]; then if [ "$ARCH" = "armhf" ]; then INFO_DESC="$(lsb_release -d -s)" diff --git a/live-build/ubuntu-server/hooks/032-installer-squashfs.binary b/live-build/ubuntu-server/hooks/032-installer-squashfs.binary index 33663709..81f5b658 100755 --- a/live-build/ubuntu-server/hooks/032-installer-squashfs.binary +++ b/live-build/ubuntu-server/hooks/032-installer-squashfs.binary @@ -70,22 +70,6 @@ snaps: EOF ' -assertions_dir="$SQUASH_ROOT/var/lib/snapd/seed/assertions" -model_assertion="$assertions_dir/generic-classic.model" -account_key_assertion="$assertions_dir/generic.account-key" -account_assertion="$assertions_dir/generic.account" - -snap known --remote model series=16 model=generic-classic brand-id=generic \ - > "$model_assertion" -account_key=$(sed -n -e's/sign-key-sha3-384: //p' "$model_assertion") - -snap known --remote account-key public-key-sha3-384="$account_key" \ - > "$account_key_assertion" -account=$(sed -n -e's/account-id: //p' "$account_key_assertion") - -snap known --remote account account-id=generic \ - > "$account_assertion" - teardown_mountpoint "$SQUASH_ROOT" # Then unmount the overlay