Am Dienstag, 2. Mai 2006 12:43 schrieb houghi:
I still get the same error. I now have: #Remove keys in content grep -v ^META $CD_DIR/content > $CD_DIR/content.bak mv $CD_DIR/content.bak $CD_DIR/content grep -v ^KEY $CD_DIR/content > $CD_DIR/content.bak mv $CD_DIR/content.bak $CD_DIR/content
Does all content have to be signed by the same key? If not, why do you resign also files, which content did not change (e.g. selection files)?
#Set the key LOCAL_KEY=`gpg --list-secret-keys|grep "^sec"|sed -e 's/.*\///;s/.*//g;'|head -n 1` gpg --export -a > $CD_DIR/gpg-pubkey-${LOCAL_KEY}.asc
This gives a file like gpg-pubkey-6344CBC1.asc But on the CDs the keys look like this: gpg-pubkey-9c800aca-40d8063e.asc
# Sign files in /suse/setup/descr/ for FILE in `ls $CD_DIR/suse/setup/descr/` do echo "META SHA1 $(cd $CD_DIR/suse/setup/descr/ && sha1sum ${FILE})" >> $CD_DIR/content done #Sign *.asc files for FILE in `ls $CD_DIR|grep ^gpg-pubkey*` do echo "KEY SHA1 $(cd $CD_DIR && sha1sum ${FILE})">> $CD_DIR/content done
Here the same question: is it neccessary to resign all the files? Or would it be enough to sign only the files makeSuSEdvd changed? Btw: gpg --detach-sign -u $LOCAL_KEY -a $CD_DIR/media.1/products creates products.sig not products.asc on my SL 9.3 -- Mit freundlichen Grüßen, Marcel Hilzinger Linux New Media AG Süskindstr. 4 D-81929 München Tel: +49 (89) 99 34 11 0 Fax: +49 (89) 99 34 11 99