Jeff, On Oct 7, 2008, at 5:16 PM, Jeff Johnson wrote:
Well 2004 was a long time ago. Times have changed too ... FWIW, rpm-5 uses keyutils to store passphrases. Which means that its possible to us keyutils to manage a persistent session pass phrase, loaded before rpm is invoked, and the passphrase will be passed to gpg for signinging packages. But you can attempt signing without a pass phrase if you want too.
In my excitement, I assumed a bit too much about the system that you've described - from the following rpm-devel thread:
http://rpm5.org/community/rpm-devel/1440.htmlIt looks like this implementation has been discussed, but I've not found any documentation on how to actually use it - is there any out there?
thanks, -lev