Mailinglist Archive: opensuse-buildservice (65 mails)
| < Previous | Next > |
Re: [opensuse-buildservice] Problem with GPG verification: nothing provides gpg-offline
- From: Andreas Stieger <astieger@xxxxxxxx>
- Date: Wed, 26 Sep 2018 08:25:09 +0200
- Message-id: <8df51e3b-b1c3-041f-6937-75b79707626e@suse.com>
Hello,
On 9/25/18 10:53 PM, Bjoern Voigt wrote:
The functionality of this macro was completely replaced by the
verify_source source service which runs automatically during check-in
and build. If the package contains a %name.keyring, that keyring will be
used to very any .asc/.sign file against matching .tar/.tar.gz etc.
without further need to add anything in the spec file.
grep.
Andreas
--
Andreas Stieger <astieger@xxxxxxxx>
Head of Product Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx
On 9/25/18 10:53 PM, Bjoern Voigt wrote:
The macro %gpg_verify is unavailable (tested with Tumbleweed).
What is currently the right way to verify GPG signatures of sources?
The functionality of this macro was completely replaced by the
verify_source source service which runs automatically during check-in
and build. If the package contains a %name.keyring, that keyring will be
used to very any .asc/.sign file against matching .tar/.tar.gz etc.
without further need to add anything in the spec file.
What is a good example package for GPG verification?
grep.
Andreas
--
Andreas Stieger <astieger@xxxxxxxx>
Head of Product Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx
| < Previous | Next > |