On 01/16/15 11:53, Dennis Gilmore wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1On Fri, 16 Jan 2015 10:44:40 -0600 Mátyás Selmeci <[email protected]> wrote:On 01/16/15 01:39, Miroslav Suchý wrote:On 01/16/2015 03:30 AM, Mátyás Selmeci wrote:I have imported several rpms into our koji without realizing that they were unsigned. I'd like to sign them with our gpg key, but I can't figure out how to do that after the fact. We use the signing plugin from https://fedorahosted.org/koji/ticket/203, but that only works for rpms we build ourselves.You might find usefull: https://fedorahosted.org/katello/wiki/ReleasingKatello#Signpackages This describe how to sign packages in Katello private Koji instance. tl;dr version Just sign those packages and: koji -c ~/.koji/your-config import-sig *.rpm And they will appear as signed on koji.I tried that, then I did koji write-signed-rpm, and now I have both signed and unsigned RPMs in my packages directory. Then I did a koji regen-repo and tried to do an install from the newly created repo, but it's the unsigned package that got picked up. Is there any way around that? -Matyou have to use mash to make a repo with the signed rpms Dennis
Is there no way for me to delete the old rpms and reimport them? -Mat
smime.p7s
Description: S/MIME Cryptographic Signature
-- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
