Mailinglist Archive: opensuse-buildservice (184 mails)

< Previous Next >
Re: [opensuse-buildservice] missing key for texlive*
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 16 Oct 2008 11:06:23 +0200
Adrian Schröter <adrian@xxxxxxx> wrote:

On Thursday 16 October 2008 10:11:45 wrote Detlef Steuer:
Hi,

Ie got the following problem, when trying to build a package locally
to play around with the spec file:

---------
The following package could not be verified:
/var/tmp/osbuild-packagecache/openSUSE:11.0/standard/noarch/texlive-2007-17
5.1.noarch.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS:
GPG#739ebedd)


- If the key is missing, install it first.
For example, do the following:
gpg --keyserver pgp.mit.edu --recv-keys 739ebedd
gpg --armor --export 739ebedd > /home/steuer/keyfile-739ebedd
and, as root:
rpm --import /home/steuer/keyfile-739ebedd

Then, just start the build again.

- If the key is unavailable, you may use --no-verify (which may pose a
risk) ----------

The key is unavailable, at least I couldn't find it.
Is there a way to disable verifying completely or for problematic packages?

Read three lines above ;)

I did. But osc has no option '--no-verify'.
So my question was: how to pass that argument to my build attempt?

osc --no-verify build openSUSE_11.0 i586 my.spec
osc: no such option: --no-verify
Try 'osc help' for info.

Can you point me to appropriate documentation?

detlef



After all it's just a local build
and won't be used in anyway besides build testing.
Or am I missing something obvious?

Well, evil packages can break out the chroot (if they have criminal energie).
So it is necessary to trust them to some degree.

(Btw: same settings work just fine in the buildservice.)

That one is secured with a VM.




--

Adrian Schroeter
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
email: adrian@xxxxxxx

--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkj3CP4ACgkQ0g+Q+yDyuZhDCwCgmaNYnDgEiwGP2K/AXUSD9346
JLEAn29ff/SQhcqrmA0sRri2nkMZtq18
=NgVd
-----END PGP SIGNATURE-----
N�����r��y隊Z)z{.����Wlz��qﮞ˛���m�)z{.��+�Z+i�b�*'jW(�f�vǦj)h����Ǜ�)]����Ǿ��i�������
< Previous Next >
Follow Ups