https://bugzilla.novell.com/show_bug.cgi?id=350747
User schlomo.schapiro@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=350747#c2
Schlomo Schapiro changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
Info Provider|schlomo.schapiro@novell.com |
--- Comment #2 from Schlomo Schapiro 2008-01-10 07:16:55 MST ---
The script was meant to be an idea, not really ready for packaging. The repo
should be a mandatory argument and the key an optional one
The dependency on createrepo is neccessary and should IMHO also be reflected in
RPM ([ -x ...] beeing a dirty hack violating RPM) as the user relies on RPM to
install all requirements.
Splitting out the signing part is no problem, but keep in mind that creating a
signed repo means you have to sign twice:
1. sign all RPMs
2. create repo (/repodata/*xml)
3. sign repodata
therefore the signing script should have a clear understanding of this, e.g.
-r : sign rpms given on cmdline
-m : sign rpm-md repo
-y : sign yast repo
-a : sign all rpm recursively in dirs given in cmdline
updaterepo should retain the option to be an all-in-one script to update & sign
a repo with a new package (the reason I wrote it). What would be a great thing
to have would be gpg-agent support for the whole process. Currently (SLES10SP1)
rpm does not use the agent at all.
So my script could look like this:
#!/bin/bash
[ -d "$1" ] || {
echo "Specify the repo directory"
exit 1
}
REPO="$1"
echo "Updating YUM repository '$REPO'"
{
rm -Rfv
$REPO/{repodata,.olddata}/{filelists.xml.gz,other.xml.gz,primary.xml.gz,repomd.xml,repomd.xml.asc}
sign -a -r "$REPO"
createrepo -v "$REPO"
} | while read ; do echo -n . ; done ; echo
sign -m "$REPO"
This way the entire gpg stuff would be in the sign script (and I always prefer
bash over c++ if possible -> open source included :-) )
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.