how can I sign rpms in koji?
Mátyás Selmeci
matyas at cs.wisc.edu
Fri Jan 16 16:44:40 UTC 2015
On 01/16/15 01:39, Miroslav Suchý wrote:
> On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:
>> I have imported several rpms into our koji without realizing that they were unsigned. I'd like to sign them with our gpg
>> key, but I can't figure out how to do that after the fact. We use the signing plugin from
>> https://fedorahosted.org/koji/ticket/203, but that only works for rpms we build ourselves.
> You might find usefull:
> https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages
> This describe how to sign packages in Katello private Koji instance.
>
> tl;dr version
> Just sign those packages and:
> koji -c ~/.koji/your-config import-sig *.rpm
> And they will appear as signed on koji.
I tried that, then I did koji write-signed-rpm, and now I have both
signed and unsigned RPMs in my packages directory. Then I did a koji
regen-repo and tried to do an install from the newly created repo, but
it's the unsigned package that got picked up. Is there any way around that?
-Mat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3521 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/buildsys/attachments/20150116/11bc49f1/attachment.p7s>
More information about the buildsys
mailing list