[Mageia-sysadm] package signing
nicolas vigier
boklm at mars-attacks.org
Thu Jan 20 19:55:38 CET 2011
Hello,
I have started setup of package signing (and will continue tomorrow,
unless someone do it before).
What has been done :
- signbot user created
- signbot user added in schedbot group (to have write access on package
files)
- created script mga-signpackage to sign a package (in mdv-youri-submit
bin directory), to be installed as /usr/bin/mga-signpackage
- updated Sign action in mdv-youri-submit to run mga-signpackage script
with "sudo -u signbot"
What remains to be done :
- add sudoers config to allow schedbot to run mga-signpackage script
with signbot account
- change permissions on package directories, to allow write access for
schedbot group
- generate key with gnupg puppet module (maybe update the module to be
able to change the path for keys)
- update mdv-youri-submit package and install it on valstar
- enable signing in youri config and test
Nicolas
More information about the Mageia-sysadm
mailing list