
On Tue, May 02, 2006 at 10:45:34AM +0200, Marcus Meissner wrote:
So according to the above, I have done: 1) create a GPG key 2) adapted the "packages" file the latest create_package_descr 3) signed content 4) created /content.key
As long as I do not know if I am doing things correctly, I can't put anything in bugzilla. :-(
You must recreate the SHA1sums in the /content file to match the changed files (MD5SUMS and packages for instance) and sign it afterwards.
For META SHA1 ... these are all files in CD$/suse/setup/descr/
For KEY SHA1 ... these are the keys in CD$/
At least that is what I see.
Also all meta files need to be listed there, see CD1/content
Not sure what the difference is with what you mean above. I still get the same error. I now have:

#Remove keys in content
grep -v ^META $CD_DIR/content > $CD_DIR/content.bak
mv $CD_DIR/content.bak $CD_DIR/content
grep -v ^KEY $CD_DIR/content > $CD_DIR/content.bak
mv $CD_DIR/content.bak $CD_DIR/content
#Set the key
LOCAL_KEY=`gpg --list-secret-keys|grep "^sec"|sed -e 's/.*\///;s/.*//g;'|head -n 1`
gpg --export -a > $CD_DIR/gpg-pubkey-${LOCAL_KEY}.asc
# Sign files in /suse/setup/descr/
for FILE in `ls $CD_DIR/suse/setup/descr/`
do
echo "META SHA1 $(cd $CD_DIR/suse/setup/descr/ && sha1sum ${FILE})" >> $CD_DIR/content
done
#Sign *.asc files
for FILE in `ls $CD_DIR|grep ^gpg-pubkey*`
do
echo "KEY SHA1 $(cd $CD_DIR && sha1sum ${FILE})">> $CD_DIR/content
done
rm $CD_DIR/content.asc
# echo "KEY SHA1 $(cd $CD_DIR && sha1sum gpg-pubkey-${LOCAL_KEY}.asc)" >> $CD_DIR/content
gpg --detach-sign -u $LOCAL_KEY $CD_DIR/content
gpg --export -a -u $LOCAL_KEY > $CD_DIR/content.key
rm $CD_DIR/media.1/products.asc
gpg --detach-sign -a $CD_DIR/media.1/products
gpg --export -a -u $LOCAL_KEY > $CD_DIR/media.1/products.key

houghi
--
Use your time. It is the most precious thing we have, for it is irretrievable lifetime. But life is more than work and labor, and being is more important than doing - Johannes Müller-Elmau
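
A consistency check for the regenerated /content file, as an added example that is not part of the original mail or of any SUSE tool: it recomputes each "META SHA1" and "KEY SHA1" entry and reports descr files that are not listed. The function name check_content is hypothetical, and the line layout (tag, SHA1, hash, file name) and the two directories are assumed from the script and replies above.

```shell
#!/bin/sh
# Added example. check_content is a hypothetical helper name.
# Assumed line layout, as written by the script above:
#   META SHA1 <hash>  <file in suse/setup/descr/>
#   KEY SHA1 <hash>  <file in the CD root>
check_content() {
    cd_dir=$1
    bad=0
    [ -f "$cd_dir/content" ] || { echo "NO content file in $cd_dir"; return 2; }

    # 1) Every listed hash must match the file as it is on disk now.
    while read -r kind algo sum name || [ -n "$kind" ]; do
        [ "$algo" = "SHA1" ] || continue
        case $kind in
            META) file="$cd_dir/suse/setup/descr/$name" ;;
            KEY)  file="$cd_dir/$name" ;;
            *)    continue ;;
        esac
        if [ ! -f "$file" ]; then
            echo "MISSING $kind $name"; bad=$((bad + 1)); continue
        fi
        actual=$(sha1sum < "$file" | cut -d' ' -f1)
        if [ "$actual" != "$sum" ]; then
            echo "MISMATCH $kind $name"; bad=$((bad + 1))
        fi
    done < "$cd_dir/content"

    # 2) Every file in suse/setup/descr/ must have a META line.
    for f in "$cd_dir"/suse/setup/descr/*; do
        [ -f "$f" ] || continue
        n=${f##*/}
        awk -v n="$n" '$1=="META" && $2=="SHA1" && $4==n {ok=1} END {exit !ok}' \
            "$cd_dir/content" || { echo "UNLISTED META $n"; bad=$((bad + 1)); }
    done

    # Exit status 0 only when nothing was reported.
    [ "$bad" -eq 0 ]
}
```

Once it returns 0, `gpg --verify "$CD_DIR/content.asc" "$CD_DIR/content"` checks the detached signature over that same file. Note that `gpg --detach-sign` without `-a` writes `content.sig`, not `content.asc`.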