Hi All, I m new to this system forgive me if i am doing something wrong here !
We can add sing key to build-tag at the time of creating tag.. [vi...@koji ~]$ koji add-tag --help Usage: koji add-tag [options] name (Specify the --help global option for a list of other help options) Options: -h, --help show this help message and exit --parent=PARENT Specify parent --arches=ARCHES Specify arches * --sigkey=SIGKEY Specify signing key* "Human Knowledge Belongs To World" ~thanks Vijay. On Tue, Dec 14, 2010 at 1:19 PM, Oliver Falk <[email protected]> wrote: > Hi Allen! > > I'm not sure how the Fedora guys do it... There's a lot of black > (scripting) magic involved I guess. :-) > > And yes, the script is already using the the larger key size, but that's > not hard to "fix"... > > Come on guys, show us your dirty little tricks! :-P > > Best, > Oliver > > Am 14.12.2010 06:54, schrieb Allen Hewes: > > > >> > >> Hi Allen! > >> > >> You might want to look at the following post: > >> > >> http://www.mail-archive.com/[email protected]/ms > > g02187.html > >> > >> -of > > > > Hi Oliver, > > > > Thanks for link. I had not come across this thread. > > > > It would appear that currently there isn't any method to sign RPMs within > koji or mash. You can import prebuilt RPMs with signatures into Koji. I > don't know much about importing RPMs into koji because I haven't had a need. > > > > Do the Fedora guys use the sign_unsigned.py script for the official > Fedora yum repos? If so, how do they use mash? Because it looks to me that > if you use this script, it does one of the steps mash does; fetching RPMs > out of koji tags. > > > > I would have guessed that the Fedora guys generate their yum repos via > mash from koji tags and then sign RPMs. > > > > I'd have to modify this script to suit my needs, but I think I could do > it. It also looks like it relies on a newer version of RPM, the rpm command > for key size == 4096 is one spot I noticed. > > > > Also, I have to enter a passphrase when I sign my RPMs but this script > doesn't have any provisions for that. Is there a way to make rpm --resign > not prompt for a passphrase? > > > > Has there been any talk about adding RPM signing to mash? It seems like > that'd be a good place for it. > > > > Thanks, > > > > /allen > > -- > > buildsys mailing list > > [email protected] > > https://admin.fedoraproject.org/mailman/listinfo/buildsys > > -- > buildsys mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/buildsys >
-- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
