Am Dienstag, 2. Mai 2006 12:43 schrieb houghi:
> I still get the same error. I now have:
> #Remove keys in content
> grep -v ^META $CD_DIR/content > $CD_DIR/content.bak
> mv $CD_DIR/content.bak $CD_DIR/content
> grep -v ^KEY $CD_DIR/content > $CD_DIR/content.bak
> mv $CD_DIR/content.bak $CD_DIR/content
Does all content have to be signed by the same key? If not, why do you resign
also files, which content did not change (e.g. selection files)?
> #Set the key
> LOCAL_KEY=`gpg --list-secret-keys|grep "^sec"|sed -e
> 's/.*\///;s/.*//g;'|head -n 1` gpg --export -a >
> $CD_DIR/gpg-pubkey-${LOCAL_KEY}.asc
This gives a file like gpg-pubkey-6344CBC1.asc
But on the CDs the keys look like this:
gpg-pubkey-9c800aca-40d8063e.asc
>
> # Sign files in /suse/setup/descr/
> for FILE in `ls $CD_DIR/suse/setup/descr/`
> do
> echo "META SHA1 $(cd $CD_DIR/suse/setup/descr/ && sha1sum
> ${FILE})" >> $CD_DIR/content done
> #Sign *.asc files
> for FILE in `ls $CD_DIR|grep ^gpg-pubkey*`
> do
> echo "KEY SHA1 $(cd $CD_DIR && sha1sum ${FILE})">>
> $CD_DIR/content done
Here the same question: is it neccessary to resign all the files? Or would it
be enough to sign only the files makeSuSEdvd changed?
Btw:
gpg --detach-sign -u $LOCAL_KEY -a $CD_DIR/media.1/products
creates products.sig not products.asc on my SL 9.3
--
Mit freundlichen Grüßen,
Marcel Hilzinger
Linux New Media AG
Süskindstr. 4
D-81929 München
Tel: +49 (89) 99 34 11 0
Fax: +49 (89) 99 34 11 99
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
