[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: gpg checking and specifying the key to look for

From: Jeff Johnson <jbj redhat com>
To: rpm-list redhat com
Subject: Re: gpg checking and specifying the key to look for
Date: Fri, 12 Jul 2002 17:39:59 -0400

On Fri, Jul 12, 2002 at 04:24:33PM -0400, seth vidal wrote:
> Hey,
>  is there anyway by setting an rpmmacro to specify that the gpg check
> consider valid packages signed only by a specific key?
> 
> ie: I'd like to have a pubring with red hat's and joeblow's key - is
> there anyway that I can tell rpm to only check for joeblow's key - and
> if it finds a packages signed by !joeblow it will throw an error?
> 

Set up a gpg keyring with joeblows key.

Override the 
...
    %__gpg_verify_cmd            %{__gpg} \
        gpg --batch --no-verbose --verify \
        %{__signature_filename} %{__plaintext_filename}
macro to add the private keyring.

This is for rpm-4.0.4 only. rpm-4.1 verifies all signatures w/o gpg,
and "trusts" all public keys in the rpm database.

73 de Jeff

-- 
Jeff Johnson	ARS N3NPQ
jbj@redhat.com (jbj@jbj.org)
Chapel Hill, NC

Follow-Ups:
- Re: gpg checking and specifying the key to look for
  - From: seth vidal <skvidal@phy.duke.edu>

References:
- gpg checking and specifying the key to look for
  - From: seth vidal <skvidal@phy.duke.edu>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []