In general,
you should allow the user to specify the keyid, since you usually
use one all the time.
> LOCAL_KEY=$(gpg --fingerprint | grep ^pub | awk '{print $2}' | cut -d"/" -f2)
Better extract the keyid out of the secret keyring , like this
LOCAL_KEY=`gpg --list-secret-keys|grep "^sec"|sed -e 's/.*\///;s/ .*//g;'|head
-n 1`
> gpg --export -a > $CD_DIR/gpg-pubkey-${LOCAL_KEY}.asc
> rm $CD_DIR/content.asc
> echo "KEY SHA1 $(cd $CD_DIR && sha1sum gpg-pubkey-${LOCAL_KEY}.asc)" \
> >> $CD_DIR/content
> gpg --export -a -u $LOCAL_KEY > $CD_DIR/content.key
Missing here:
gpg --detach-sign -u $LOCAL_KEY $CD_DIR/content
> rm $CD_DIR/media.1/products.asc
> gpg --detach-sign -a $CD_DIR/media.1/products
> gpg --export -a > $CD_DIR/media.1/products.key
Better:
gpg --export -a -u $LOCAL_KEY > $CD_DIR/media.1/products.key
> So according to the above, I have done:
> 1) create a GPG key
> 2) adapted the "packages" file the latest create_package_descr
> 3) signed content
> 4) created /content.key
>
> As long as I do not know if I am doing things correctly, I can't put
> anything in bugzilla. :-(
See adjustments above, esecpially content.asc signing.
Ciao, Marcus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
