[Rpm-maint] [rpm-software-management/rpm] RFE: automatically sign packages on build (Issue #2678)
Neal H. Walfield
notifications at github.com
Thu Sep 28 10:21:53 UTC 2023
> Oh, and part of the this "automation vision" here would be automatically generating that "local builds" key so that a person just wanting to build and install rpms for their own use basically doesn't need to learn the damnest thing about PGP as the first thing. And not finger-memorize --nosignature as something you normally use (against the background that rpm really, really needs to start requiring signatures by default)
Now I understand better, thanks.
For the case where the rpms are only going to be installed locally, it would be enough to have a local, user-specific rpm-specific key that is used for this type of thing. If the key does not exist, then it is first created. When the user wants to install the rpm, they first need to install the local, user-specific key, which could be done by `rpmkeys`. `rpm` could even detect that the signature is from a local, user-specific key (perhaps by way of a notation added to the signature), and print a message telling the user how to install the key. What do you think?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2678#issuecomment-1738876557
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/2678/1738876557 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230928/76355fe0/attachment.html>
More information about the Rpm-maint
mailing list