Am Dienstag, 13. September 2011, 16:37:16 schrieb Troy Telford:
> I've found:
> osc build --no-verify
>
> Which simply skips the gpg verification. What do I have to do to fix
> my OBS system so users don't have to use --no-verify?
The project, which provides the binaries must provide the public gpg key.
If you have imported binaries, just copy it inside as "_pubkey" file on the source server.
> On 2011-09-12 20:03:30 +0000, Troy Telford said:
> > I'm having trouble using 'osc build' on my own OBS instance:
> >
> > $ osc build
> > Building htop.spec for SLE_11sp1/x86_64
> > Getting buildinfo from server and store to
> > /home/ttelford/src/obs/home:ttelford/htop/.osc/_buildinfo-SLE_11sp1-x86_64
> > .xml Getting buildconfig from server and store to
> > /home/ttelford/src/obs/home:ttelford/htop/.osc/_buildconfig-SLE_11sp1-x86_
> > 64 Updating cache of required packages
> > 0.0% cache miss. 88/88 dependencies cached.
> >
> > Verifying integrity of cached packages
> > BuildService API error: can't verify packages due to lack of GPG keys
> >
> > Obviously, I'd like to be able to verify the packages; the distribution
> > packages certainly have a GPG signature (That of SLES).
> >
> > I know the GPG key is on ${SLES_ISO}/pubring.gpg.
> >
> > So what I need to do to get 'osc build' to work (and verify the GPG
> > signature of the packages)?
> >
> > Thanks.
> > -- Troy Telford
> >
> >
> > -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org
> > For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
--
Adrian Schroeter
SUSE Linux Products GmbH
email: adrian@suse.de