
Re: gpg checking and specifying the key to look for



On Sat, Jul 13, 2002 at 12:40:50PM -0400, seth vidal wrote:
> On Fri, 2002-07-12 at 17:39, Jeff Johnson wrote:
> > On Fri, Jul 12, 2002 at 04:24:33PM -0400, seth vidal wrote:
> > > Hey,
> > >  is there any way by setting an rpmmacro to specify that the gpg check
> > > consider valid packages signed only by a specific key?
> > > 
> > > ie: I'd like to have a pubring with Red Hat's and joeblow's key - is
> > > there any way that I can tell rpm to only check for joeblow's key - and
> > > if it finds a package signed by !joeblow it will throw an error?
> > > 
> > 
> > Set up a gpg keyring with joeblow's key.
> > 
> > Override the 
> > ...
> >     %__gpg_verify_cmd            %{__gpg} \
> >         gpg --batch --no-verbose --verify \
> >         %{__signature_filename} %{__plaintext_filename}
> > macro to add the private keyring.
> > 
> > This is for rpm-4.0.4 only. rpm-4.1 verifies all signatures w/o gpg,
> > and "trusts" all public keys in the rpm database.
> > 
> 
> Right - I can do this - I was sorta hoping there was a way to tell it to
> only check with _this_ key, not ANY key in the pubring.

If there is a means to do this, then it will be a gpg, not rpm, option.
All that rpm does is fire up gpg, parse the output and look at the exit code.
rpm-4.0.4 doesn't know diddly about any keys, let alone _this_ key.

73 de Jeff

-- 
Jeff Johnson	ARS N3NPQ
jbj@redhat.com (jbj@jbj.org)
Chapel Hill, NC
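
The reply above places any key pinning on the gpg side, with the caller only reading gpg's output and exit code. As an added example (not part of the original thread and not rpm's own code), the script below verifies against a dedicated keyring and accepts only when gpg's `--status-fd` output reports `VALIDSIG` for one pinned fingerprint. The function names, keyring argument and fingerprints are assumptions; the sample status lines are constructed.

```shell
#!/bin/sh
# Added example: pin verification to one key by reading gpg's status output.

# Reads `gpg --status-fd` lines on stdin; succeeds only if every valid
# signature was made by the pinned fingerprint and nothing bad was reported.
status_signed_only_by() {
    awk -v pinned="$1" '
        $1 != "[GNUPG:]" { next }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            # $3 is the signing (sub)key fingerprint; newer gpg appends the
            # primary key fingerprint as the last field ($12).
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == toupper(pinned)) ok = 1; else other = 1
        }
        END { if (ok && !other && !bad) exit 0; exit 1 }
    '
}

# usage: verify_pinned KEYRING FINGERPRINT SIGFILE DATAFILE
# KEYRING should hold only the key you trust (give it as a path).
verify_pinned() {
    gpg --no-default-keyring --keyring "$1" --batch --no-verbose \
        --status-fd 1 --verify "$3" "$4" 2>/dev/null |
        status_signed_only_by "$2"
}

# Constructed status lines (fingerprints are made up) to show the decision.
PIN=0123456789ABCDEF0123456789ABCDEF01234567
OTHER=FEDCBA9876543210FEDCBA9876543210FEDCBA98
for fpr in "$PIN" "$OTHER"; do
    line="[GNUPG:] VALIDSIG $fpr 2002-07-13 1026578450 0 3 0 17 2 00 $fpr"
    if printf '%s\n' "$line" | status_signed_only_by "$PIN"; then
        echo "$fpr: accepted"
    else
        echo "$fpr: rejected"
    fi
done
```

Checking the fingerprint in the status output catches the case where the keyring later gains a second key, which the exit code alone would not reveal.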




