Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(59)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 6543027: Signer script to add update verification public key to an image (Closed)

Created:
9 years, 10 months ago by gauravsh
Modified:
9 years, 6 months ago
Reviewers:
petkov
CC:
chromium-os-reviews_chromium.org, Randall Spangler, gauravsh, Luigi Semenzato, Bill Richardson
Visibility:
Public.

Description

Signer script to add update verification public key to an image Change-Id: If51dd4f7d9e84f2f0f30506a3a9c354bc6a4b07b BUG=chromium-os:7388 TEST=manually tested on an image, verified that the permissions on the copied key were correct. Committed: http://chrome-svn/viewvc/chromeos?view=rev&revision=f6af9dd

Patch Set 1 #

Total comments: 8

Patch Set 2 : review fixes #

Patch Set 3 : message on success #

Unified diffs Side-by-side diffs Delta from patch set Stats (+34 lines, -0 lines) Patch
A scripts/image_signing/insert_au_publickey.sh View 1 2 1 chunk +34 lines, -0 lines 0 comments Download

Messages

Total messages: 3 (0 generated)
gauravsh
9 years, 10 months ago (2011-02-18 23:32:20 UTC) #1
petkov
a few nits/questions, LGTM otherwise http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au_publickey.sh File scripts/image_signing/insert_au_publickey.sh (right): http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au_publickey.sh#newcode15 scripts/image_signing/insert_au_publickey.sh:15: local image=$1 "$1"? http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au_publickey.sh#newcode16 ...
9 years, 10 months ago (2011-02-18 23:38:49 UTC) #2
gauravsh
9 years, 10 months ago (2011-02-18 23:51:23 UTC) #3 
Addressed comments, and pushed.

http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au...
File scripts/image_signing/insert_au_publickey.sh (right):

http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au...
scripts/image_signing/insert_au_publickey.sh:15: local image=$1
On 2011/02/18 23:38:49, petkov wrote:
> "$1"?
> 

Done.

http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au...
scripts/image_signing/insert_au_publickey.sh:16: local pub_key=$2
On 2011/02/18 23:38:49, petkov wrote:
> "$2"?

Done.

http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au...
scripts/image_signing/insert_au_publickey.sh:29: sudo chown root:root
"$rootfs/$key_location/update-payload-key.pub.pem"
On 2011/02/18 23:38:49, petkov wrote:
> I assume root UID/GUID is always 0/0 so this is safe...

I think so.

http://codereview.chromium.org/6543027/diff/1/scripts/image_signing/insert_au...
scripts/image_signing/insert_au_publickey.sh:29: sudo chown root:root
"$rootfs/$key_location/update-payload-key.pub.pem"
On 2011/02/18 23:38:49, petkov wrote:
> do we also want to chmod it explicitly or we'll just leave (semi-random?)
> default?

Good idea - in case the umask is screwed up or something. Changed to 644

Powered by Google App Engine
This is Rietveld 408576698