On Thu, Jun 19, 2014 at 01:22:32PM +0200, Marcus Meissner wrote:
On Thu, Jun 19, 2014 at 01:15:30PM +0200, Wouter Verhelst wrote:
[I sent this to -programming first, which I now realize is probably the wrong list -- apologies for the double post]
Hi folks,
I'm trying to set up a repository with packages precompiled for a number of distributions, openSUSE being one of them.
Running "createrepo" is fairly easy and seems to work, except that zypper complains that the repomd.xml file isn't signed. Adding "gpg --clearsign -b" to my script fixed that, except that now it starts complaining that the key isn't known, and I can't seem to figure out how zypper decides which keys are known, and/or to which repository they belong.
Put the key into "repomd.xml.key" besides repomd.xml and repomd.xml.asc
Ah, okay. I had seen that in a repository, but assumed it would have to be configured somewhere. Maybe I should just have tried ;-)
If the update stack sees it there, it will ask if it should get trusted/imported and after confirming this, it will be known to the system.
Okay, yes, that's a bit better. However, the keys aren't added to the RPM database, and I can't seem to figure out how to do that. I've added them to my package and have added them to the .repo file that I ship in a "gpgkey" entry, similar to how this works for Fedora, but that doesn't seem to do the trick. As a result, now zypper allows the key, but RPM still produces a NOKEY message. What am I missing? Thanks, -- Wouter Verhelst NixSys BVBA M: +32 486 836 198 -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org