On 01/16/15 01:39, Miroslav Suchý wrote:
I tried that, then I did koji write-signed-rpm, and now I have both signed and unsigned RPMs in my packages directory. Then I did a koji regen-repo and tried to do an install from the newly created repo, but it's the unsigned package that got picked up. Is there any way around that?On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:I have imported several rpms into our koji without realizing that they were unsigned. I'd like to sign them with our gpg key, but I can't figure out how to do that after the fact. We use the signing plugin from https://fedorahosted.org/koji/ticket/203, but that only works for rpms we build ourselves.You might find usefull: https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages This describe how to sign packages in Katello private Koji instance.tl;dr version Just sign those packages and: koji -c ~/.koji/your-config import-sig *.rpm And they will appear as signed on koji.
-Mat
smime.p7s
Description: S/MIME Cryptographic Signature
-- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
