On Fri, 2002-07-12 at 17:39, Jeff Johnson wrote:
> On Fri, Jul 12, 2002 at 04:24:33PM -0400, seth vidal wrote:
> > Hey,
> > is there anyway by setting an rpmmacro to specify that the gpg check
> > consider valid packages signed only by a specific key?
> >
> > ie: I'd like to have a pubring with red hat's and joeblow's key - is
> > there anyway that I can tell rpm to only check for joeblow's key - and
> > if it finds a packages signed by !joeblow it will throw an error?
> >
>
> Set up a gpg keyring with joeblows key.
>
> Override the
> ...
> %__gpg_verify_cmd %{__gpg} \
> gpg --batch --no-verbose --verify \
> %{__signature_filename} %{__plaintext_filename}
> macro to add the private keyring.
>
> This is for rpm-4.0.4 only. rpm-4.1 verifies all signatures w/o gpg,
> and "trusts" all public keys in the rpm database.
>
Right - I can do this - I was sorta hoping there was a way to tell it to
only check with _this_ key, not ANY key in the pubring.
thanks
-sv
Attachment:
signature.asc
Description: This is a digitally signed message part