Login | Register
My pages Projects Community openCollabNet

Discussions > users > Adding Your Own GPG Signed S/RPMs to current channels.

Project highlights: Stable Version: 1.6.1, Development Version: 1.7.6

current
Discussion topic

2020-03-13: This site is going to be decommissioned and shut down very soon. Please copy and archive any data you wish to keep ASAP

Back to topic list

Adding Your Own GPG Signed S/RPMs to current channels.

Reply

Author Joy Almacen <jalmacen at edgeprojects dot com>
Full name Joy Almacen <jalmacen at edgeprojects dot com>
Date 2004-01-16 22:32:34 PST
Message Good morning current users,

I do not know if somebody on the list posted this information previously. I
thought it would be good to share what I have found out about custom GPG
signed RPMs. Sorry if you feel this info is a little bit basic to post here
;-)

After an hour or two of research, I finally figured out how to add your
custom GPG signed RPMS/SRPMS to the main current channel. Whereas before, I
have to disable up2date from using GPG(very bad idea) by setting 'useGPG No'
or by running up2date -u --nosig to get my own RPMs to work. Now I can
create my own RPMs, GPG sign it, and let the clients add my public key to
/etc/sysconfig/rhn/u​p2date-keyring.gpg. I will not explain about how to use
GnuPG and keyrings. Here' how I was able to accomplish it:

1. Generate your RPM GPG key.
2. Export your RPM GPG public key for your current clients to download.
3. On the client machines, add your RPM GPG key to
/etc/sysconfig/rhn/u​p2date-keyring.gpg.
   Make sure you make a backup of the original RedHat keyring:

cd /etc/sysconfig/rhn/
cp -p up2date-keyring.gpg up2date-keyring.gpg.orig

4. Add your exported RPM GPG key to /etc/sysconfig/rhn/u​p2date-keyring.gpg:

gpg --no-default-keyring --keyring
/etc/sysconfig/rhn/u​p2date-keyring.gpg --import
/home/joy/EDGEPROJEC​TS-RPM-GPG-KEY

5. Check if the import was successful:

gpg --list-keys --keyring /etc/sysconfig/rhn/u​p2date-keyring.gpg

You should see something like:

/etc/sysconfig/rhn/u​p2date-keyring.gpg
--------------------​------------------
pub 1024D/DB42A60E 1999-09-23 Red Hat, Inc <security at redhat dot com>
sub 2048g/961630A2 1999-09-23

pub 1024D/47A1815C 2003-11-21 Edge Projects (Edge Projects
<www.edgeprojects.com> RPM Key) <rpms at edgeprojects dot com>
sub 2048g/ED589F41 2003-11-21

Now you can install your custom GPG signed S/RPMs:

[root@builder rhn]# up2date --show-available
current-1.4.4-1.3ES.i386

[root@builder rhn]# up2date -i current

Fetching package list for channel: rhel-i386-es-3...
####################​####################​

Fetching Obsoletes list for channel: rhel-i386-es-3...

Fetching rpm headers...
####################​####################​

Name Version Rel
--------------------​--------------------​------------------
current 1.4.4 1.3ES
i386
No advisory information available


Testing package set / solving RPM inter-dependencies...
####################​####################​
current-1.4.4-1.3ES.i386.rp ########################## Done.
Preparing ####################​####################​### [100%]

Installing...
   1:current ####################​####################​###
[100%]

Here's the link where I got most of the info here:
http://current-auror​a.anthonymendoza.com​/

Joy Almacen
jalmacen at edgeprojects dot com
Phone: 954-749-5711
Mobile: 954-608-7811

Edge Projects
www.edgeprojects.com
Reliable Open Source Solutions Consulting.







--------------------​--------------------​--------------------​---------
To unsubscribe, e-mail: users-unsubscribe@cu​rrent.tigris.org
For additional commands, e-mail: users-help at current dot tigris dot org

« Previous message in topic | 1 of 1 | Next message in topic »

Messages

Show all messages in topic

Adding Your Own GPG Signed S/RPMs to current channels. Joy Almacen <jalmacen at edgeprojects dot com> Joy Almacen <jalmacen at edgeprojects dot com> 2004-01-16 22:32:34 PST
Messages per page: