[Rpm-maint] [rpm-software-management/rpm] Help with rpm signing automation (Discussion #3827)
Michal Domonkos
notifications at github.com
Tue Jun 24 08:23:59 UTC 2025
Not an authoritative answer (nor officially recommended), but you can try extending the `%__gpg_sign_cmd` macro with the following arguments:
```
--pinentry-mode loopback --batch --passphrase <passphrase>
```
You'll need to supply a `<passphrase>` in the macro definition, though, so putting this in your `~/.rpmmacros` perhaps isn't ideal. However, if you also add `--passphrase-fd 0`, you'll be able to pipe the passphrase to `rpmsign` (e.g. from your password manager, such as [pass](https://www.passwordstore.org/)).
I've also mentioned this approach a while ago in https://github.com/rpm-software-management/rpm/issues/3740#issuecomment-2872663751.
Others may have better (more idiomatic) ideas, though.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/3827#discussioncomment-13559362
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/repo-discussions/3827/comments/13559362 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20250624/f1c378b6/attachment-0001.htm>
More information about the Rpm-maint
mailing list