how can I sign rpms in koji?
Mátyás Selmeci
matyas at cs.wisc.edu
Fri Jan 16 19:25:45 UTC 2015
On 01/16/15 11:53, Dennis Gilmore wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Fri, 16 Jan 2015 10:44:40 -0600
> Mátyás Selmeci <matyas at cs.wisc.edu> wrote:
>
>> On 01/16/15 01:39, Miroslav Suchý wrote:
>>> On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:
>>>> I have imported several rpms into our koji without realizing that
>>>> they were unsigned. I'd like to sign them with our gpg key, but I
>>>> can't figure out how to do that after the fact. We use the signing
>>>> plugin from https://fedorahosted.org/koji/ticket/203, but that
>>>> only works for rpms we build ourselves.
>>> You might find usefull:
>>> https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages
>>> This describe how to sign packages in Katello private Koji instance.
>>>
>>> tl;dr version
>>> Just sign those packages and:
>>> koji -c ~/.koji/your-config import-sig *.rpm
>>> And they will appear as signed on koji.
>> I tried that, then I did koji write-signed-rpm, and now I have both
>> signed and unsigned RPMs in my packages directory. Then I did a koji
>> regen-repo and tried to do an install from the newly created repo,
>> but it's the unsigned package that got picked up. Is there any way
>> around that? -Mat
> you have to use mash to make a repo with the signed rpms
>
> Dennis
Is there no way for me to delete the old rpms and reimport them?
-Mat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3521 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/buildsys/attachments/20150116/928e6de9/attachment.p7s>
More information about the buildsys
mailing list