From a855c270d9758aa5d1ecfbda41e6dfe6105612fdf87c97e95da0fa5ab2763c54 Mon Sep 17 00:00:00 2001 From: "Marc S. Weidner" Date: Thu, 13 Nov 2025 10:06:00 +0100 Subject: [PATCH] V8.13.408.2025.11.13 Signed-off-by: Marc S. Weidner --- lib/lib_ciss_upgrades_boot.sh | 2 ++ lib/lib_gnupg.sh | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/lib_ciss_upgrades_boot.sh b/lib/lib_ciss_upgrades_boot.sh index c9167a5..40e9eca 100644 --- a/lib/lib_ciss_upgrades_boot.sh +++ b/lib/lib_ciss_upgrades_boot.sh @@ -31,6 +31,8 @@ guard_sourcing || return "${ERR_GUARD_SRCE}" ciss_upgrades_boot() { printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 %s starting ... \e[0m\n" "${BASH_SOURCE[0]}" + gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/.ciss/attestation/${VAR_SIGNING_KEY_FPR}.gpg" + declare -ar _ary_target=( "/.ciss/attestation/${VAR_SIGNING_KEY_FPR}.gpg" "/etc/initramfs-tools/files/unlock_wrapper.sh" diff --git a/lib/lib_gnupg.sh b/lib/lib_gnupg.sh index 7d96200..ec68026 100644 --- a/lib/lib_gnupg.sh +++ b/lib/lib_gnupg.sh @@ -118,7 +118,6 @@ EOF ### Export public key for verification inside ISO / chroot. install -d -m 0755 -o root -g root "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys" install -d -m 0755 -o root -g root "${VAR_HANDLER_BUILD_DIR}/config/includes.binary" - gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/.ciss/attestation/${VAR_SIGNING_KEY_FPR}.gpg" gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys/${VAR_SIGNING_KEY_FPR}.gpg" gpg --batch --yes --export "${VAR_SIGNING_KEY_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.binary/${VAR_SIGNING_KEY_FPR}.gpg" [[ -n "${VAR_SIGNING_CA}" ]] && gpg --batch --yes --export "${VAR_SIGNING_CA_FPR}" >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys/${VAR_SIGNING_CA_FPR}.gpg"