how can I sign rpms in koji?
Dennis Gilmore
dennis at ausil.us
Sat Jan 17 02:19:38 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 16 Jan 2015 13:25:45 -0600
Mátyás Selmeci <matyas at cs.wisc.edu> wrote:
> On 01/16/15 11:53, Dennis Gilmore wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Fri, 16 Jan 2015 10:44:40 -0600
> > Mátyás Selmeci <matyas at cs.wisc.edu> wrote:
> >
> >> On 01/16/15 01:39, Miroslav Suchý wrote:
> >>> On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:
> >>>> I have imported several rpms into our koji without realizing that
> >>>> they were unsigned. I'd like to sign them with our gpg key, but I
> >>>> can't figure out how to do that after the fact. We use the
> >>>> signing plugin from https://fedorahosted.org/koji/ticket/203,
> >>>> but that only works for rpms we build ourselves.
> >>> You might find usefull:
> >>> https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages
> >>> This describe how to sign packages in Katello private Koji
> >>> instance.
> >>>
> >>> tl;dr version
> >>> Just sign those packages and:
> >>> koji -c ~/.koji/your-config import-sig *.rpm
> >>> And they will appear as signed on koji.
> >> I tried that, then I did koji write-signed-rpm, and now I have both
> >> signed and unsigned RPMs in my packages directory. Then I did a
> >> koji regen-repo and tried to do an install from the newly created
> >> repo, but it's the unsigned package that got picked up. Is there
> >> any way around that? -Mat
> > you have to use mash to make a repo with the signed rpms
> >
> > Dennis
> Is there no way for me to delete the old rpms and reimport them?
> -Mat
koji always keeps the unsigned rpms and the signature headers. you can
clean up the the signed rpms but not teh unsigned ones. koji always
makes its repos with unsigned rpms. deleting and reimporting will get
you to exactly the same place as you are now.
Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJUuca+AAoJEH7ltONmPFDRjQsP/0d6blCrjs9CCzZwvapDeZ4h
sIs7rSks8sS2h6PqMVeu60reDwQQaDoMcYtJRf05z1RCsr/7yVBr0G5Wzh/TF7sZ
r7MdeM0YBsI0fiiLKCKahTNhiGU8Ruw7fzVp2ZXcLK4m2+cF0GeNpLxqQPxs39nz
5gtmKNUaRkoCPoHu4SxSu0BpXhqDEf6j2LSAoZP3rN1KxV9/tfGrSNsqiO2cfmNp
ZrTBuRl0vXpTfkvgM6CllAsa8yey0ncBLej3kjRUQuoI9xGLNPu4j069AkbBdNJw
gQV9wkflmycAz+Q7ir8HMpqLEhn0rQ7W5e+lGTpfW3v+veTfZDqKrKks9flsP+M8
sK7Wf7hrl0MKINXfbZRiP6tSdC7je4aLe1DeDmGoKvspum9VdNc404la11gBl3Ru
gPeLbHnTbO1PKmBA9YJFdzd+xwE3IYyeD5dxhd/uxxBXjV9BjQxuDdEImgpcjVDQ
v9I1vc8O2sdqxjJ9tzgPxLrYqeKtcOKjDaETysCmigdo0Ij+vH7ic7wftHdUWHoC
Sep0LHsCyJ8/YMIIeAGkXpNIgw5rjylocVjK/6WdZG0OgrLUUE4ppXwAKexFKmep
gb6lJP9KVSXuck2pEvYj8HHNACeoOix2jY4fwwzhJEugqxxdg+BDmaYvmXtnBZHS
86iMYHdlc3KVgu1zRIx4
=dd+c
-----END PGP SIGNATURE-----
More information about the buildsys
mailing list