Re: [opensuse-packaging] Hint needed
Reply on 27-11-2006 11:58:48 <<<
Marcus Rueckert schrieb:
On 2006-11-27 10:26:41 +0100, Nadia Derbey wrote:
I use .rpmmacros to set the %packager and what is needed for the gpg
signature (otherwise rpmlint complains about it :-( ). So, may be my question should have been the following: How to sign packages when they are built using build (or lbuild).
after you have build the packages for all architectures/distros you call
rpm --addsign */*.rpm
this saves you from typing your passphrase multiple times and you can sign all of them in one go.
rpm --resign might be nice too. it removes all other signatures before adding your own.
There is no difference between --addsign and --resign. RPMs cannot have more than one signature, so --addsign removes all the other signature, too.
That's not exactly what Maximum RPM tells you: http://www.rpm.org/max-rpm/s1-rpm-pgp-signing-packages.html They even have a specific scenario when more than one sig is wished/wanted/required. Dominique --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
Dominique Leuenberger schrieb:
That's not exactly what Maximum RPM tells you: http://www.rpm.org/max-rpm/s1-rpm-pgp-signing-packages.html
Maximum RPM is horribly outdated. Never trust any information from Maximum RPM without verifying first that things didn't change. (In this specific case, I don't know whether or not the information still applies, but in general I can say that basically everything on rpm.org has outdated information in it.) Andreas --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
participants (2)
-
Andreas Hanke
-
Dominique Leuenberger