Hi, since I fought with a new local OBS setup for the last two days, it's time to fix the bouquet of misleading/dead wrong signer guide on the wiki. (No, the signer wasn't the reason for the fight. That was /usr/sbin/obsstoragesetup. But that's a different story..). Before I start to fix the wiki, can we agree on a couple of facts beforehand? Section: Required Packages I think, it's save to remove all paragraphs after the item enumeration. Section: Set up the GPG key I would remove: Some programs[which?] cannot handle DSA 2048, so if you are actually affected, you may want to limit yourself to a 1024 bit-DSA key instead. Section: Prep the signer Phrases go to /srv/obs/gnupg<fullstop> The symlink is unnecessary. Section: Configure the signer For the appliance at least, the key *have* to be in /srv/obs/obs-default- gpg.asc. Contraventions will be punished by prolonged troubleshooting, that will likely end in /usr/lib/obs/server/setup-appliance.sh function prepare_obssigner... A further note for sign_project is advised (and relocated from troubleshooting section). Outdated: If you run a version older than obs-signd-2.1.2 where /etc/permissions.d/sign is missing, create this file and add to it: /usr/bin/sign root:obsrun 4750 Run SuSEconfig --module permissions after having created this file. Remove? Section: Activate the Signer We arrived in systemd age. Section: Signing EFI binaries/kernel modules for EFI Secure Boot and below: out of my capabilities. Comments please. Cheers, Pete -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org