https://gist.github.com/fernandoaleman/1376720

 How to sign your custom RPM package with GPG key

这是文件rpm-digital-signature.sh

 #rpm-digital-signature.sh

 # How to sign your custom RPM package with GPG key

 # Step:

 # Generate gpg key pair (public key and private key)

 #

 # You will be prompted with a series of questions about encryption.

 # Simply select the default values presented. You will also be asked

 # to create a Real Name, Email Address and Comment (comment optional).

 #

 # If you get the following response:

 # -----------------------------------------------------------------------

 # We need to generate a lot of random bytes. It is a good idea to perform

 # some other action (type on the keyboard, move the mouse, utilize the

 # disks) during the prime generation; this gives the random number

 # generator a better chance to gain enough entropy.

 # -----------------------------------------------------------------------

 # Open up a separate terminal, ssh into your server and run this command:

 # ls -R /

 gpg --gen-key

 # Step:

 # Verify your gpg keys were created

 gpg --list-keys

 # Step:

 # Export your public key from your key ring to a text file.

 #

 # You will use the information for Real Name and Email you used to

 # create your key. I used Fernando Aleman and faleman@email.com

 gpg --export -a 'Fernando Aleman' > RPM-GPG-KEY-faleman

 # Step:

 # Import your public key to your RPM DB

 #

 # If you plan to share your custom built RPM packages with others, make sure

 # to have your public key file available online so others can verify RPMs

 sudo rpm --import RPM-GPG-KEY-faleman

 # Step:

 # Verify the list of gpg public keys in RPM DB

 rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'

 # Step:

 # Configure your ~/.rpmmacros file

 #

 # You can use the following command to edit if you are on the server:

 # vi ~/.rpmmacros

 #

 # %_signature => This will always be gpg

 # %_gpg_path  => Enter full path to .gnupg in your home directory

 # %_gpg_name  => Use the Real Name you used to create your key

 # %_gpbin     => run `which gpg` (without ` marks) to get full path 

 %_signature gpg

 %_gpg_path /root/.gnupg

 %_gpg_name Fernando Aleman

 %_gpgbin /usr/bin/gpg

 # Step:

 # Sign your custom RPM package

 #

 # You can sign each RPM file individually:

 rpm --addsign git-1.7.7.3-.el6.x86_64.rpm

 # Or you can `cd` into your RPMS folder and sign them all:

 rpm --addsign *.rpm

 # Step:

 # Check the signature to make sure it was signed

 #

 # Watch for 'gpg OK' as in this example:

 # git-1.7.7.3-.el6.x86_64.rpm: (sha1) dsa sha1 md5 gpg OK

 rpm --checksig git-1.7.7.3-.el6.x86_64.rpm

 # Tip!

 # Sign package during build

 #

 # To sign a package while it's being built, simply add '--sign'

 rpmbuild -ba --sign git.spec

DIY的RPM包怎么签名呢 How to sign your custom RPM package with GPG key的更多相关文章

  1. DIY的RPM包怎么签名呢 - 笔记

    参考 https://gist.github.com/fernandoaleman/1376720 如果打不开上一个连接,请参考https://www.cnblogs.com/LiuYanYGZ/p/ ...

  2. RPM 包的构建 - 实例

    打包目录 rpm 打包目录有一些严格的层次上的要求. rpm 的版本 <=4.4.x,rpmbuid 工具其默认的工作路径是 /usr/src/redhat.因为权限的问题,普通用户不能制作 r ...

  3. RPM 包的构建 - SPEC 基础知识

    spec 文件 制作 rpm 软件包并不是一件复杂的工作,其中的关键在于编写软件包的 spec 描述文件. 要想制作一个 rpm 软件包就必须写一个软件包描述文件 spec.这个文件中包含了软件包的诸 ...

  4. 使用rpm-build制作nginx的rpm包

    2014-11-27 11:05:49   一.RPM包的分类 RPM有五种基本的操作功能:安装.卸载.升级.查询和验证. linux软件包分为两大类: (1)二进制类包,包括rpm安装包(一般分为i ...

  5. 自学Linux Shell9.2-基于Red Hat系统工具包存在两种方式之一:RPM包

    点击返回 自学Linux命令行与Shell脚本之路 9.2-基于Red Hat系统工具包存在两种方式之一:RPM包 本节主要介绍基于Red Had的系统(测试系统centos) 1. 工具包存在两种方 ...

  6. rpm包的安装,查询,卸载,升级,校验,数据库重建,验证数据包

    rpm命名: 包:组成部分 主包:bind-9.7.1-1.i586.e15.rpm 子包:bind-lib-9.7.1-1.i586.e15.rpm bind-utils-9.7.1-1.i586. ...

  7. 一步步制作RPM包

    一步步制作RPM包 来源 http://blog.51cto.com/laoguang/1103628 一.RPM制作步骤 我们在企业中有的软件基本都是编译的,我们每次安装都得编译,那怎么办呢?那就根 ...

  8. linux 下载rpm包到本地,createrepo:创建本地YUM源

    如何下载rpm包到本地 设置yum安装时,保留rpm包. 1.编辑 /etc/yum.conf 将keepcache的值设置为1; 这样就可以将yum安装时的rpm包保存在 /var/cache/yu ...

  9. 部分rpm包总结描述

    acl-2.2.51-15.el7.x86_64 Commands for Manipulating POSIX(可移植操作系统接口 of unix) Access Control Lists.有ge ...

随机推荐

  1. nodejs读取excel内容批量替换并生成新的html和新excel对照文件

    因为广告投放需要做一批对外投放下载页面,由于没有专门负责填充页面的编辑同学做,只能前端来做了, 拿到excel看了一下,需要生成200多个文件,一下子懵逼了. 这要是来回复制粘贴太low了 正好最新用 ...

  2. checking for event2/thread.h... no libevent_pthreads required, failing

    /********************************************************************************** * checking for e ...

  3. [转]angular的路由机制

    在谈路由机制前有必要先提一下现在比较流行的单页面应用,就是所谓的single page APP.为了实现无刷新的视图切换,我们通常会用ajax请求从后台取数据,然后套上HTML模板渲染在页面上,然而a ...

  4. 对于org.apache.commons.dbcp.BasicDataSource的配置认知

    对于org.apache.commons.dbcp.BasicDataSource的配置认知[转] Spring在第三方依赖包中包含了两个数据源的实现类包,其一是Apache的DBCP,其二是 C3P ...

  5. Update多个字段从一个表中

    UPDATE XXXXXX S SET (S.XXX, S.CCC, S.DDD, S.AAA, S.BBB) = (SELECT F.XXX, F.CCC, F.AAA, BBB FROM XXXX ...

  6. codeforce -39E-What Has Dirichlet Got to Do with That?(博弈+dfs)

    You all know the Dirichlet principle, the point of which is that if n boxes have no less than n + 1  ...

  7. [置顶] 自己写一个简单通用的Makefile

    转自:http://blog.csdn.net/u011913612/article/details/52102241 一.makefile的作用 Makefile是用于自动编译和链接的,一个工程有很 ...

  8. springmvc----demo1---hello---bai

    import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; import ...

  9. 前端seo小结,网页代码优化

    seo的目的:提高网站流量 search engine optimization 搜索引擎优化seo search engine marketing 搜索引擎营销sem 权重10个等级 等级越大,权重 ...

  10. 部署和调优 1.1 nfs部署和优化-2

    更改共享目录文件默认的所有者和所属组 已知道客户端有个user11用户 cat /etc/passwd user11:x:501:501::/home/user11:/bin/bash 服务端打开 v ...