On Wed, 12 Nov 2008, Troy Dawson wrote:
Hi,
Since we have a month to test this, can you send me the exact rpm version and
the version of linux that you sign them on. We'll give it a shot. We
haven't tried signing the 1.6 jdk's, and if we can get it setup and tested,
that would be great.
I've never had an issue signing with the rpm binary from Red Hat 6 - RH version
6.0 I think. Of course, I don't claim to have tried signing as many packages
as you and Connie would have :-) and I've only used the --addsign option.
Also, I don't know if there are any issues/dependencies on one's gpg signature.
The rpm binary I use:
$ md5sum ~/bin/rpm6
dcb99da4a08ee8376c671330845f0e57 /home/deatrich/bin/rpm6
$ ls -l ~/bin/rpm6
-rwxr-xr-x 1 deatrich deatrich 757920 Apr 19 1999 /home/deatrich/bin/rpm6
$ file ~/bin/rpm6
/home/deatrich/bin/rpm6: ELF 32-bit LSB executable, Intel 80386, version 1
(SYSV), for GNU/Linux 2.0.0, statically linked, for GNU/Linux 2.0.0, stripped
Randomly signing a package:
$ rpm6 --addsign java-1.5.0-sun-1.5.0.14-1jpp.x86_64.rpm
Enter pass phrase:
Pass phrase is good.
# rpm --checksig java-1.5.0-sun-1.5.0.14-1jpp.x86_64.rpm
java-1.5.0-sun-1.5.0.14-1jpp.x86_64.rpm: sha1 md5 gpg OK
cheers,
denice
--
deatrich @ triumf.ca, Science/Atlas PH: +1 604-222-7665
<*> This moment's fortune cookie:
It is easier to fight for one's principles than to live up to them.
-- Alfred Adler
