openwrt-keyring: Only copy sign key for snapshots

Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the master feeds.

If one of the other keys would be compromised this would not affect
users of master snapshot builds.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

diff --git a/package/system/openwrt-keyring/Makefile b/package/system/openwrt-keyring/Makefile
index 6f3aa65622d501373fd51bb09c6c4dff879156a9..318d42cf922712210185819ae7564329b3878f34 100644 (file)
--- a/package/system/openwrt-keyring/Makefile
+++ b/package/system/openwrt-keyring/Makefile
@@ -3,7 +3,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openwrt-keyring
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/keyring.git
@@ -32,7 +32,8 @@ Build/Compile=
 
 define Package/openwrt-keyring/install
        $(INSTALL_DIR) $(1)/etc/opkg/keys/
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/* $(1)/etc/opkg/keys/
+       # Public usign key for unattended snapshot builds
+       $(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/b5043e70f9a75cde $(1)/etc/opkg/keys/
 endef
 
 $(eval $(call BuildPackage,openwrt-keyring))