Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Adam Williamson]

On Thu, 2003-06-12 at 21:17, Dave Cotton wrote:
> On Thu, 2003-06-12 at 20:58, Adam Williamson wrote:
> > On Thu, 2003-06-12 at 17:26, Per Øyvind Karlsen wrote:
> > 
> > > should'nt neither, unless there's any special reason for this..?
> > 
> > The apostrophe goes between the n and t, so "shouldn't". Sorry to be
> > picky, but I keep seeing this and it's bugging me :).
> 
> And two negatives together? As Victor Borger(?) another non native
> English speaker said to a woman who criticised his use of English
> "Madam, it's your language I'm just trying to use it." :-)

Yeah, should've been "shouldn't either", but for some reason that one
doesn't bug me as much :). It's Victor Borga, I think.
-- 
adamw

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Dave Cotton]

On Thu, 2003-06-12 at 20:58, Adam Williamson wrote:
> On Thu, 2003-06-12 at 17:26, Per Øyvind Karlsen wrote:
> 
> > should'nt neither, unless there's any special reason for this..?
> 
> The apostrophe goes between the n and t, so "shouldn't". Sorry to be
> picky, but I keep seeing this and it's bugging me :).

And two negatives together? As Victor Borger(?) another non native
English speaker said to a woman who criticised his use of English
"Madam, it's your language I'm just trying to use it." :-)

-- 
Dave Cotton
Directeur
Linux Autrement
193 rue Marcel Cerdan
84270 Vedene
04 90 23 30 81

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Adam Williamson]

On Thu, 2003-06-12 at 17:26, Per Øyvind Karlsen wrote:

> should'nt neither, unless there's any special reason for this..?

The apostrophe goes between the n and t, so "shouldn't". Sorry to be
picky, but I keep seeing this and it's bugging me :).
-- 
adamw

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Per Øyvind Karlsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 19:55, Brook Humphrey wrote:
> On Thursday 12 June 2003 09:26, Per Øyvind Karlsen wrote:
> > I used to sign them myself, but Lenny told me not to, and I guess you
> > should'nt neither, unless there's any special reason for this..?
>
> well I sent my sig to mandrake and the idea was to make sure that it was
> really from me and not from somebody else. At least this is supposed to be
> the reason.
yet, but that's because you're probably sending the package to lenny for lenny 
to upload, while I upload it myself:)
- -- 
Regards,
Per Øyvind Karlsen
Sintrax Solutions
http://www.sintrax.net - +47 41681061
- 
GPG Key: http://sintrax.net/~hawkeye/key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6Me/v8F7V9JOSuURAgjtAJwPgXDf1imy4+9+MC4Jh5ONartczACgwzY2
9znpvwbYAgeGB68QwI+q6aU=
=CmRW
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Brook Humphrey]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 09:26, Per Øyvind Karlsen wrote:
> I used to sign them myself, but Lenny told me not to, and I guess you
> should'nt neither, unless there's any special reason for this..?

well I sent my sig to mandrake and the idea was to make sure that it was 
really from me and not from somebody else. At least this is supposed to be 
the reason. 

- -- 
New and improved with advanced outlook crash handler. 

 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
  Brook Humphrey   
Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107
http://www.webmedic.net, [EMAIL PROTECTED], [EMAIL PROTECTED]   
 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6L52nT1TkA6FgPgRAoXLAJ0dPMdcSYcAmNL8ADFfKxWgnFlM+QCffVbu
DYul/D1eItH/vc67B4d9YKg=
=CmKN
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Per Øyvind Karlsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 18:35, Olivier Thauvin wrote:
> Le Jeudi 12 Juin 2003 18:26, Per Øyvind Karlsen a écrit :
> > when uploading them yourself(not upping them to ftp.linux-mandrake.com)
> > you should'nt sign them, as you see, noone else does this, and when
> > people are installing your packages they'll get warnings about it because
> > the package has both your signature and the mandrakesoft, while they have
> > only the mandrakesoft signatures..
>
> Nop, contrib are not resign by mdk. Then poeple get only personnal
> signature.
ah, okay, anyways, packages uploaded to ftp.linux-mandrake.com will be rebuilt 
etc. and the signature that the package was signed with won't be used, hmm, 
maybe I am messing around a little more than I thought:)
- -- 
Regards,
Per Øyvind Karlsen
Sintrax Solutions
http://www.sintrax.net - +47 41681061
- 
GPG Key: http://sintrax.net/~hawkeye/key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6K47v8F7V9JOSuURAi9eAJ43B9VuICfqIcsTi60iCjXjYLSkXgCgxTPk
w3M+q7RnJl6NL3kuKSn0NVI=
=aDHT
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Per Øyvind Karlsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 18:31, Oden Eriksson wrote:
> rpm --sign
> rpm: --sign may only be used during package building
>
> AFAIK you cannot resign a package if it's not signed in the first place.
>
> ?
rpm --addsign
- -- 
Regards,
Per Øyvind Karlsen
Sintrax Solutions
http://www.sintrax.net - +47 41681061
- 
GPG Key: http://sintrax.net/~hawkeye/key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6K2tv8F7V9JOSuURApJGAJ9dLxVdJUxu4g+IJniCP2OWh1x5gwCgsscG
zwrc8EMWvYkg5e05wu5+2yU=
=5DMp
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Olivier Thauvin]

Le Jeudi 12 Juin 2003 18:31, Oden Eriksson a écrit :
> torsdagen den 12 juni 2003 18.26 skrev Per Øyvind Karlsen:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On Thursday 12 June 2003 18:19, Brook Humphrey wrote:
> > > On Thursday 12 June 2003 02:50, Oden Eriksson wrote:
> > > > torsdagen den 12 juni 2003 11.26 skrev Per Øyvind Karlsen:
> > > > > -BEGIN PGP SIGNED MESSAGE-
> > > > > Hash: SHA1
> > > > >
> > > > > On Thursday 12 June 2003 11:15, Oden Eriksson wrote:
> > > > > > E: php-mhash unknown-key GPG#604AA4E4
> > > > >
> > > > > why are you actually signing these packages yourself?
> > > >
> > > > Huh? That's what I've been told to do maybe 1,5 year ago..., has this
> > > > policy changed? If so no one has told me about it.
> > >
> > > Nope I have to sign all the srpm's I send to contribs also.
> >
> > when uploading them yourself(not upping them to ftp.linux-mandrake.com)
> > you should'nt sign them, as you see, noone else does this, and when
> > people are installing your packages they'll get warnings about it because
> > the package has both your signature and the mandrakesoft, while they have
> > only the mandrakesoft signatures..
> > I used to sign them myself, but Lenny told me not to, and I guess you
> > should'nt neither, unless there's any special reason for this..?
> >
> > I'm not gonna say I'm *sure* about this, but packages are automatically
> > signed, and rpmlint also nags about this..
>
> rpm --sign
> rpm: --sign may only be used during package building
>
> AFAIK you cannot resign a package if it's not signed in the first place.
>
> ?

rpm --resign
Here my bot for personnal packages (original script from mdk I only adapted it 
for me) :

[EMAIL PROTECTED] Local-devel]$ cat ~/bin/resign.pl
#!/usr/bin/perl
#my ($rpm_files)[EMAIL PROTECTED]
use Expect;

my $identity="Olivier Thauvin";
my $gpgpath="/home/users/olivier/.gnupg";
my $secret="/home/users/olivier/.pass";

$password=`cat $secret`;
foreach $rpm_files (@ARGV) {

system("rpm -K $rpm_files &> /dev/null");
if ("$?" != 0) {
push @corrupted, $rpm_files;
print "Corrupted: $rpm_files\n";
next;
}
my $rpmcmd="--define \"_gpg_name $identity\" --define \"_gpg_path 
$gpgpath\"";

$command = Expect->spawn("rpm $rpmcmd --addsign $rpm_files") or die 
"Couldn't start rpm: $!\n";
unless (($command->expect(20, -re => 'Enter pass phrase:'))) {};
$command->log_stdout(0);
print $command $password;

$command->soft_close();
}


-- 
Linux pour Mac !? Enfin le moyen de transformer
une pomme en véritable ordinateur. - JL.
Olivier Thauvin - http://nanardon.homelinux.org/

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Olivier Thauvin]

Le Jeudi 12 Juin 2003 18:26, Per Øyvind Karlsen a écrit :
> when uploading them yourself(not upping them to ftp.linux-mandrake.com) you
> should'nt sign them, as you see, noone else does this, and when people are
> installing your packages they'll get warnings about it because the package
> has both your signature and the mandrakesoft, while they have only the
> mandrakesoft signatures..

Nop, contrib are not resign by mdk. Then poeple get only personnal signature.

-- 
Linux pour Mac !? Enfin le moyen de transformer
une pomme en véritable ordinateur. - JL.
Olivier Thauvin - http://nanardon.homelinux.org/

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Oden Eriksson]

torsdagen den 12 juni 2003 18.26 skrev Per Øyvind Karlsen:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Thursday 12 June 2003 18:19, Brook Humphrey wrote:
> > On Thursday 12 June 2003 02:50, Oden Eriksson wrote:
> > > torsdagen den 12 juni 2003 11.26 skrev Per Øyvind Karlsen:
> > > > -BEGIN PGP SIGNED MESSAGE-
> > > > Hash: SHA1
> > > >
> > > > On Thursday 12 June 2003 11:15, Oden Eriksson wrote:
> > > > > E: php-mhash unknown-key GPG#604AA4E4
> > > >
> > > > why are you actually signing these packages yourself?
> > >
> > > Huh? That's what I've been told to do maybe 1,5 year ago..., has this
> > > policy changed? If so no one has told me about it.
> >
> > Nope I have to sign all the srpm's I send to contribs also.
>
> when uploading them yourself(not upping them to ftp.linux-mandrake.com) you
> should'nt sign them, as you see, noone else does this, and when people are
> installing your packages they'll get warnings about it because the package
> has both your signature and the mandrakesoft, while they have only the
> mandrakesoft signatures..
> I used to sign them myself, but Lenny told me not to, and I guess you
> should'nt neither, unless there's any special reason for this..?
>
> I'm not gonna say I'm *sure* about this, but packages are automatically
> signed, and rpmlint also nags about this..

rpm --sign
rpm: --sign may only be used during package building

AFAIK you cannot resign a package if it's not signed in the first place.

?

-- 
Regards // Oden Eriksson, Deserve-IT.com

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Per Øyvind Karlsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 18:19, Brook Humphrey wrote:
> On Thursday 12 June 2003 02:50, Oden Eriksson wrote:
> > torsdagen den 12 juni 2003 11.26 skrev Per Øyvind Karlsen:
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA1
> > >
> > > On Thursday 12 June 2003 11:15, Oden Eriksson wrote:
> > > > E: php-mhash unknown-key GPG#604AA4E4
> > >
> > > why are you actually signing these packages yourself?
> >
> > Huh? That's what I've been told to do maybe 1,5 year ago..., has this
> > policy changed? If so no one has told me about it.
>
> Nope I have to sign all the srpm's I send to contribs also.
when uploading them yourself(not upping them to ftp.linux-mandrake.com) you 
should'nt sign them, as you see, noone else does this, and when people are 
installing your packages they'll get warnings about it because the package 
has both your signature and the mandrakesoft, while they have only the 
mandrakesoft signatures..
I used to sign them myself, but Lenny told me not to, and I guess you 
should'nt neither, unless there's any special reason for this..?

I'm not gonna say I'm *sure* about this, but packages are automatically 
signed, and rpmlint also nags about this..
- -- 
Regards,
Per Øyvind Karlsen
Sintrax Solutions
http://www.sintrax.net - +47 41681061
- 
GPG Key: http://sintrax.net/~hawkeye/key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6KnJv8F7V9JOSuURAgAUAJ424n+kdHTNk0S2FgKPyn5bgfYmngCfU7VN
tCu1Du4m9fPmmDC0C7w3Umg=
=5SYw
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Brook Humphrey]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thursday 12 June 2003 02:50, Oden Eriksson wrote:
> torsdagen den 12 juni 2003 11.26 skrev Per Øyvind Karlsen:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On Thursday 12 June 2003 11:15, Oden Eriksson wrote:
> > > E: php-mhash unknown-key GPG#604AA4E4
> >
> > why are you actually signing these packages yourself?
>
> Huh? That's what I've been told to do maybe 1,5 year ago..., has this
> policy changed? If so no one has told me about it.

Nope I have to sign all the srpm's I send to contribs also.

- -- 
New and improved with advanced outlook crash handler. 

 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
  Brook Humphrey   
Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107
http://www.webmedic.net, [EMAIL PROTECTED], [EMAIL PROTECTED]   
 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6KgUnT1TkA6FgPgRAtq0AJ9r/DP7MqJsBCSgVMgK5jNGQjIe2gCfYgSJ
0m8znO3XCzxhORCIKUwMj9s=
=jAaf
-END PGP SIGNATURE-

Re: [Cooker] Re: [Contrib-Rpm] php-mhash-4.3.2-2mdk

[Oden Eriksson]

torsdagen den 12 juni 2003 11.26 skrev Per Øyvind Karlsen:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Thursday 12 June 2003 11:15, Oden Eriksson wrote:
> > E: php-mhash unknown-key GPG#604AA4E4
>
> why are you actually signing these packages yourself?

Huh? That's what I've been told to do maybe 1,5 year ago..., has this policy 
changed? If so no one has told me about it.

-- 
Regards // Oden Eriksson, Deserve-IT.com