Second iteration of my patchset. I tried to address the issues pointed out by Mark: 1. The gpg key is not imported to the (temporary) rpm databases used by createrepo. Instead, createrepo is patched to ignore signature verification altogether. 2. There is a new optional config variable GPG_BIN which can be used to define the gpg binary used for signing. 3. The filename of the public keys (published with the package feed and depoyed into the target rootfs as part of os-release package) is now postfixed with "-${DISTRO_VERSION}".
[YOCTO #8134] *** BLURB HERE *** Markus Lehtonen (4): createrepo: disable RPM signature validation package_rpm: support signing of rpm packages os-release: add the public package-signing key package_manager: support for signed RPM package feeds meta/classes/package_rpm.bbclass | 5 ++ meta/classes/sign_rpm.bbclass | 60 ++++++++++++++++++++++ meta/lib/oe/package_manager.py | 40 +++++++++++++++ meta/recipes-core/os-release/os-release.bb | 11 ++++ ...dumpMetadata-disable-signature-validation.patch | 31 +++++++++++ .../createrepo/createrepo_0.4.11.bb | 17 +++--- 6 files changed, 156 insertions(+), 8 deletions(-) create mode 100644 meta/classes/sign_rpm.bbclass create mode 100644 meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch -- 2.1.4 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core