[Rpm-maint] --resign fails?

Paul Nasrat pnasrat at redhat.com
Fri Dec 15 08:15:35 UTC 2006

On Thu, 2006-12-14 at 23:49 -0800, Shandy Brown wrote:
> How do i know when rpm --resign fails.  The output isn't very
> descriptive.  I tried this:
>  $ rpm -v --resign yum-2.0.7-3vmw.noarch.rpm
> yum-2.0.7-3vmw.noarch.rpm:

Can you do

rpm -E '%_signature %_gpg_name'

The default signature type is 'none', if it's set to that rpm won't sign
and thus the return code is 0, as it successfully applied no signature.

If signature is set to something non existent you'll get a return code
of 1 and an error: Invalid %_signature spec in macro file.

If you sign a non existent file you also get return code 1, as well as
if you put in the incorrect pass phrase.

I'd agree this is potentially a little confusing, a guide to signing
would probably clarify.  In your case to ensure proper signing you could
test %_signature != 'none' and then test the return code of the resign


More information about the Rpm-maint mailing list