Mailinglist Archive: opensuse-features (75 mails)
| < Previous | Next > |
[openFATE 313400] store gpg key in fs instead of rpmdb
- From: fate_noreply@xxxxxxx
- Date: Thu, 26 Apr 2012 13:51:12 +0200 (CEST)
- Message-id: <feature-313400-3@keeper.suse.de>
Feature changed by: Ludwig Nussel (lnussel)
Feature #313400, revision 3
Title: store gpg key in fs instead of rpmdb
openSUSE Distribution: Unconfirmed
Priority
Requester: Desirable
Requested by: Ludwig Nussel (lnussel)
Partner organization: openSUSE.org
Description:
currently gpg keys used by rpm for signature verification apppar to be
installed in the rpmdb as some kind of pseudo package (rpm -qa 'gpg-
pubkey*'). This makes them rather clumsy to manage. It would be better
to have gpg keys as regular files in the file system. In fact rpm
supports that since a while via the %_keyringpath option. It's set to %
{_dbpath}/pubkeys/ by default. If any keys are found in that directory
the keys in the rpmdb are no longer used. Therefore I propose to:
- - change the openSUSE-build-key package to drop it's files into %
- _keyringpath - patch libzypp to prefer %_keyringpath too - add a %post
- snippet to rpm or openSUSE-build-key to export extra keys in rpmdb to %
- _keyringpath and remove them from rpmdb afterwards - make %_keyringpath
- an array so we can have distro provided keys in /usr and admin/locally
- configured keys in /etc
+ * change the openSUSE-build-key package to drop it's files into %
+ _keyringpath
+ * patch libzypp to prefer %_keyringpath too
+ * add a %post snippet to rpm or openSUSE-build-key to export extra keys
+ in rpmdb to %_keyringpath and remove them from rpmdb afterwards
+ * make %_keyringpath an array so we can have distro provided keys in
+ /usr and admin/locally configured keys in /etc
+ * fix rpm --import to write files in %_keyringpath instead of using
+ rpmdb
--
openSUSE Feature:
https://features.opensuse.org/313400
Feature #313400, revision 3
Title: store gpg key in fs instead of rpmdb
openSUSE Distribution: Unconfirmed
Priority
Requester: Desirable
Requested by: Ludwig Nussel (lnussel)
Partner organization: openSUSE.org
Description:
currently gpg keys used by rpm for signature verification apppar to be
installed in the rpmdb as some kind of pseudo package (rpm -qa 'gpg-
pubkey*'). This makes them rather clumsy to manage. It would be better
to have gpg keys as regular files in the file system. In fact rpm
supports that since a while via the %_keyringpath option. It's set to %
{_dbpath}/pubkeys/ by default. If any keys are found in that directory
the keys in the rpmdb are no longer used. Therefore I propose to:
- - change the openSUSE-build-key package to drop it's files into %
- _keyringpath - patch libzypp to prefer %_keyringpath too - add a %post
- snippet to rpm or openSUSE-build-key to export extra keys in rpmdb to %
- _keyringpath and remove them from rpmdb afterwards - make %_keyringpath
- an array so we can have distro provided keys in /usr and admin/locally
- configured keys in /etc
+ * change the openSUSE-build-key package to drop it's files into %
+ _keyringpath
+ * patch libzypp to prefer %_keyringpath too
+ * add a %post snippet to rpm or openSUSE-build-key to export extra keys
+ in rpmdb to %_keyringpath and remove them from rpmdb afterwards
+ * make %_keyringpath an array so we can have distro provided keys in
+ /usr and admin/locally configured keys in /etc
+ * fix rpm --import to write files in %_keyringpath instead of using
+ rpmdb
--
openSUSE Feature:
https://features.opensuse.org/313400
| < Previous | Next > |