how can I sign rpms in koji?
Dennis Gilmore
dennis at ausil.us
Fri Jan 16 17:53:11 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 16 Jan 2015 10:44:40 -0600
Mátyás Selmeci <matyas at cs.wisc.edu> wrote:
> On 01/16/15 01:39, Miroslav Suchý wrote:
> > On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:
> >> I have imported several rpms into our koji without realizing that
> >> they were unsigned. I'd like to sign them with our gpg key, but I
> >> can't figure out how to do that after the fact. We use the signing
> >> plugin from https://fedorahosted.org/koji/ticket/203, but that
> >> only works for rpms we build ourselves.
> > You might find usefull:
> > https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages
> > This describe how to sign packages in Katello private Koji instance.
> >
> > tl;dr version
> > Just sign those packages and:
> > koji -c ~/.koji/your-config import-sig *.rpm
> > And they will appear as signed on koji.
> I tried that, then I did koji write-signed-rpm, and now I have both
> signed and unsigned RPMs in my packages directory. Then I did a koji
> regen-repo and tried to do an install from the newly created repo,
> but it's the unsigned package that got picked up. Is there any way
> around that? -Mat
you have to use mash to make a repo with the signed rpms
Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJUuVAHAAoJEH7ltONmPFDRCgkP/19XapTEfVbGoX1dC9tE3et3
hmtctonZ6JEetCNLivxu07yf0w82IueZRuKrcLD4WTf8EHUQZr/eKMG6lO4Ia2gB
bqaSKqD3thqJSK8kliEm/tTmxTe+YPtebW9gpmE4oEV7cI99X5i66TxRuXncuGV5
zDGonx39CWnvWzzckpN/3/xP1XBHdVSK/eeLGGfL6czu3I4AwtySAWHbcdp45EUx
VOkmakJAbLWDMNkbzOPzmNkjvOOGR3qzx1WhzTC6t5MsHv7lqCTs+bHmzMdDAKCp
PIN7MYrV0tuB3/yM0uKe9DN0wFjXhjITuVyWzlFTO2I7ydqyUxPlwUoGbNi5StjM
qvLeRPopDS02k4ZOl8ke52lpUsoFZR304yubf4euyuw5KK8WiqRBqCHepV/irPZj
g+LwQzMk9pDqX+Gx8TywQUe/qFxsT/f86y+qMTb8d5nfdxGT/eRcs7BXkXuhxcyp
gDfWK5yfqbjvbANlQoSUkQ8oeGazo8xABqLlnxUcx8DJG3w9BcxnkWfbVViKzDpv
ND/WbNANpElquPUnfWnY6X/wjxxo061ndHcnyScFKZYdiSFw4TJxovY0Rvwm5j5N
v3u3nZSQgqB3qNtO3LZt4SVyNSGNpXuPYtf33+jrHscpbaojLVVebaxjEYVaUlHL
9OWQwatq8U2eujQcTCsc
=QVvs
-----END PGP SIGNATURE-----
More information about the buildsys
mailing list