I am having difficulty getting rpm to trust the gpg key I have used to sign rpm packages I am creating.
I used gpg --gen-key to create the key. I chose RSA, 1024.
I signed the packages using --sign when building the rpm's using rpmbuild. Here is the output from rpm --checksig on one of my packages:
I believe that what I need to do is register my signature with rpm. I have tried the following:
My goal is to add these to a custom channel on our satellite server, so I guess I'll need to add the gpg signature.
I am setting up a new server with the goal of porting a solaris server to centos. I want to compile some packages myself (ie) http, ssl, mysql, etc. The reason for this is the downloadable rpm packages are very old. I probably want to make sure the kernel is up to date, but the individual pages... (2 Replies)
How to make RPM not write to RPM database if RPM fails to deploy?
IE I create an rpm spec file that contains the following
if
then
exit 1
fi
My rpm will fail at deployment, but if I do rpm -qa , I can see the rpm in the rpm db (3 Replies)
I have a list of rpm packages... and want to check if the version is equal to or greater than the package in the package list. This is what I have so far... but I would like to add more intelligence to it.
while read line
do
COUNT=`rpm -qa --qf "%{n}-%{v}-%{r} (%{arch})\n" | grep -c "$line"`
... (0 Replies)
Hi guys, I am trying to install some packages for my oracle 11g r2 installation, the below error shows up when I try below:
warning: glibc-devel-2.5-24.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
glibc-headers is needed by... (8 Replies)
Hi,
I need to export an existing PGP key and import it into GnuPG on a different machine.
This is how I did the export:
pgp -kx myuser _myuser_public
pgp -kx myuser _myuser_private secring.skr
(this is from the pgp installation directory that contains secring.skr).
This produced two... (0 Replies)
dears
i am trying to install the autoconf-2.63-1.aix6.1.noarch.rpm but its shows the below error message .
P700_dev/svn/dependencies>rpm -i autoconf-2.63-1.aix6.1.noarch.rpm
error: failed dependencies:
m4 is needed by autoconf-2.63-1
P700_dev/svn/dependencies> (6 Replies)
I was trying to install some packages. We already installed all the dependent packages.
But i was unable to install any of the packages..... What might be the reason ??
Please tell me !!! (1 Reply)
Hi all,
I have also posted in the UNIX for Dummies forum. Wasn't sure which would be best.
Trying to get the following packages for an ARM 71 device running an image of Fedora 18. I need these system livraries for compilation.
gtk2-devel-2.22.0-2.fc14.i686.rpm... (0 Replies)
Hi all,
Trying to get the following packages for an ARM 71 device running an image of Fedora 18. I need these system livraries for compilation.
gtk2-devel-2.22.0-2.fc14.i686.rpm
proj-devel-4.7.0-3.fc14.i686.rpm
proj-4.7.0-3.fc14.i686.rpm
Anyone know where I could find them?
Thanks in... (3 Replies)
Hi,
We have a number of Windows Server 2003 shares mounted on our AIX server via CIFS, using a command similar to this:
mkcifsmnt -f /test -d testshare -h testserver -c testuser -p pass -w DOMAIN
The windows servers are currently being upgraded to 2012, and as part of this they are setting... (0 Replies)
Discussion started by: AndyG
0 Replies
LEARN ABOUT OSF1
rpmkeys
RPMKEYS(8) System Manager's Manual RPMKEYS(8)NAME
rpmkeys - RPM Keyring
SYNOPSIS
rpmkeys {--import|--checksig}
DESCRIPTION
The general forms of rpm digital signature commands are
rpmkeys --import PUBKEY ...
rpmkeys {-K|--checksig} PACKAGE_FILE ...
The --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the package.
Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and signatures
associated with a package.
Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using --import.
An imported public key is carried in a header, and key ring management is performed exactly like package management. For example, all cur-
rently imported public keys can be displayed by:
rpm -qa gpg-pubkey*
Details about a specific public key, when imported, can be displayed by querying. Here's information about the Red Hat GPG/DSA key:
rpm -qi gpg-pubkey-db42a60e
Finally, public keys can be erased after importing just like packages. Here's how to remove the Red Hat GPG/DSA key
rpm -e gpg-pubkey-db42a60e
SEE ALSO popt(3),
rpm(8),
rpmdb(8),
rpmsign(8),
rpm2cpio(8),
rpmbuild(8),
rpmspec(8),
rpmkeys --help - as rpm supports customizing the options via popt aliases it's impossible to guarantee that what's described in the manual
matches what's available.
http://www.rpm.org/ <URL:http://www.rpm.org/>
AUTHORS
Marc Ewing <marc@redhat.com>
Jeff Johnson <jbj@redhat.com>
Erik Troan <ewt@redhat.com>
Panu Matilainen <pmatilai@redhat.com>
Red Hat, Inc 29 October 2010 RPMKEYS(8)