Once upon a time Wednesday 22 November 2006 6:09 am, Karanbir Singh wrote:
Dennis Gilmore wrote:
> On Tuesday 21 November 2006 21:21, Douglas Hubler wrote:
>> The Fedora website
>>
http://fedora.redhat.com/About/security/
>> mentions Fedora builds are automatically signed. How is this done? rpm
>> --addsign requires user input and is not gpg-aware
>>
http://lists.gnupg.org/pipermail/gnupg-users/2004-January/021302.html
>
> You can automate it by not putting a password on the gpgkey. most of the
> rpms are manually signed for this reason. and all of extras are manually
> signed. the only automated signed would be in rawhide and i think they
> are generally not signed at all.
iirc, even with a blank passwd, rpm's default behavior is to ask for a
password anyway,
'expect' knows what to do :)
ive never tried so im not 100% sure. i had assumed that if i put no password
on the key i wouldnt be prompted. but i would not trust a situation like
that so i wont impose that on my users. :)
Dennis