Re: verifying signature for a package

2022-04-20 Thread Panu Matilainen
On 4/17/22 13:26, Maxwell G via devel wrote:
> Apr 16, 2022 8:01:27 PM Globe Trotter via devel :
>> Source1:    %{source0}.sig
> Does this still fail if you use the full path? It looks like `%{source0}` isn't getting expanded properly.

Macros are case-sensitive. It's %{SOURCE0}.

- Panu

Re: verifying signature for a package

2022-04-17 Thread Ben Beasley
Thanks for the detailed explanation—which I didn’t have time to supply myself, but fully agree with—and the good advice to re-use the xfontsel keychain file. It’s even better when the key can come from a source with some nonzero (if imperfect) level of trust, like upstream’s HTTPS server, or an

Re: verifying signature for a package

2022-04-17 Thread Björn Persson
Ben Beasley wrote:
> It doesn’t really matter what the file is called. Personally, I would rename
> it to oclock.gpg and add a brief spec file comment explaining where it came
> from.

I agree. It's important to document where the key came from, and the filename by itself would just be

Re: verifying signature for a package

2022-04-17 Thread Ben Beasley
It doesn’t really matter what the file is called. Personally, I would rename it to oclock.gpg and add a brief spec file comment explaining where it came from.

On Sun, Apr 17, 2022, at 12:19 PM, Globe Trotter via devel wrote:
> Btw, I assume that I should call it xfontsel.gpg, or should I rename

Re: verifying signature for a package

2022-04-17 Thread Globe Trotter via devel
Btw, I assume that I should call it xfontsel.gpg, or should I rename it too? Thanks!

On Sunday, April 17, 2022, 10:50:37 AM CDT, Globe Trotter via devel wrote:
Thanks very much! I will do this today.

On Sunday, April 17, 2022, 09:12:15 AM CDT, Björn Persson wrote:
Ben

Re: verifying signature for a package

2022-04-17 Thread Globe Trotter via devel
Thanks very much! I will do this today.

On Sunday, April 17, 2022, 09:12:15 AM CDT, Björn Persson wrote:
Ben Beasley wrote:
> Please see
> https://src.fedoraproject.org/rpms/xfontsel/blob/a38f5a42fa7bc59378527cf05dabe29523675613/f/xfontsel.spec#_10
> for an example from the same

Re: verifying signature for a package

2022-04-17 Thread Björn Persson
Ben Beasley wrote:
> Please see
> https://src.fedoraproject.org/rpms/xfontsel/blob/a38f5a42fa7bc59378527cf05dabe29523675613/f/xfontsel.spec#_10
> for an example from the same group of X11 programs.

What's described there is known as TOFU – trust on first use. Ben looked up which key made the

Re: verifying signature for a package

2022-04-17 Thread Globe Trotter via devel
On Sunday, April 17, 2022, 05:26:52 AM CDT, Maxwell G via devel wrote:
> Apr 16, 2022 8:01:27 PM Globe Trotter via devel
> :
>> Source1:    %{source0}.sig
> Does this still fail if you use the full path? It looks like `%{source0}`
> isn't getting expanded properly.

Yes,

Re: verifying signature for a package

2022-04-17 Thread Maxwell G via devel
Apr 16, 2022 8:01:27 PM Globe Trotter via devel :
> Source1:    %{source0}.sig

Does this still fail if you use the full path? It looks like `%{source0}` isn't getting expanded properly.

Thanks,
--
Maxwell G
Pronouns: He/Him/His
gotmax@e.email

Re: verifying signature for a package

2022-04-16 Thread Ben Beasley
Please see https://src.fedoraproject.org/rpms/xfontsel/blob/a38f5a42fa7bc59378527cf05dabe29523675613/f/xfontsel.spec#_10 for an example from the same group of X11 programs. Note also that oclock was previously retired, so see

verifying signature for a package

2022-04-16 Thread Globe Trotter via devel
Hi, I am trying to package oclock for Fedora. According to the packaging guidelines I need to have a gpg key. https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification So, the package itself comes with an oclock-1.0.4.tar.gz.sig (from upstream). How do I use this? I