Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rpmsign(8) [centos man page]

RPMSIGN(8)						      System Manager's Manual							RPMSIGN(8)

NAME
rpmsign - RPM Package Signing SYNOPSIS
rpm --addsign|--resign PACKAGE_FILE ... rpm --delsign PACKAGE_FILE ... DESCRIPTION
Both of the --addsign and --resign options generate and insert new signatures for each package PACKAGE_FILE given, replacing any existing signatures. There are two options for historical reasons, there is no difference in behavior currently. rpm --delsign PACKAGE_FILE ... Delete all signatures from each package PACKAGE_FILE given. USING GPG TO SIGN PACKAGES In order to sign packages using GPG, rpm must be configured to run GPG and be able to find a key ring with the appropriate keys. By default, rpm uses the same conventions as GPG to find key rings, namely the $GNUPGHOME environment variable. If your key rings are not located where GPG expects them to be, you will need to configure the macro %_gpg_path to be the location of the GPG key rings to use. If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the GPG manual). You will also need to configure the rpm macros %_gpg_name The name of the "user" whose key you wish to use to sign your packages. For example, to be able to use GPG to sign packages as the user "John Doe <jdoe@foo.com>" from the key rings located in /etc/rpm/.gpg using the executable /usr/bin/gpg you would include %_gpg_path /etc/rpm/.gpg %_gpg_name John Doe <jdoe@foo.com> %__gpg /usr/bin/gpg in a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user configuration. Typically it's sufficient to set just %_gpg_name. SEE ALSO
popt(3), rpm(8), rpmdb(8), rpmkeys(8), rpm2cpio(8), rpmbuild(8), rpmspec(8), rpmsign --help - as rpm supports customizing the options via popt aliases it's impossible to guarantee that what's described in the manual matches what's available. http://www.rpm.org/ <URL:http://www.rpm.org/> AUTHORS
Marc Ewing <marc@redhat.com> Jeff Johnson <jbj@redhat.com> Erik Troan <ewt@redhat.com> Panu Matilainen <pmatilai@redhat.com> Red Hat, Inc RPMSIGN(8)

Check Out this Related Man Page

RPMKEYS(8)						      System Manager's Manual							RPMKEYS(8)

NAME
rpmkeys - RPM Keyring SYNOPSIS
rpmkeys {--import|--checksig} DESCRIPTION
The general forms of rpm digital signature commands are rpmkeys --import PUBKEY ... rpmkeys {-K|--checksig} PACKAGE_FILE ... The --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the package. Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and signatures associated with a package. Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using --import. An imported public key is carried in a header, and key ring management is performed exactly like package management. For example, all cur- rently imported public keys can be displayed by: rpm -qa gpg-pubkey* Details about a specific public key, when imported, can be displayed by querying. Here's information about the Red Hat GPG/DSA key: rpm -qi gpg-pubkey-db42a60e Finally, public keys can be erased after importing just like packages. Here's how to remove the Red Hat GPG/DSA key rpm -e gpg-pubkey-db42a60e SEE ALSO
popt(3), rpm(8), rpmdb(8), rpmsign(8), rpm2cpio(8), rpmbuild(8), rpmspec(8), rpmkeys --help - as rpm supports customizing the options via popt aliases it's impossible to guarantee that what's described in the manual matches what's available. http://www.rpm.org/ <URL:http://www.rpm.org/> AUTHORS
Marc Ewing <marc@redhat.com> Jeff Johnson <jbj@redhat.com> Erik Troan <ewt@redhat.com> Panu Matilainen <pmatilai@redhat.com> Red Hat, Inc 29 October 2010 RPMKEYS(8)
Man Page

Featured Tech Videos