Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GPG signature for Fedora RPMs #246

Closed
pocelka opened this issue Jan 17, 2024 · 2 comments
Closed

GPG signature for Fedora RPMs #246

pocelka opened this issue Jan 17, 2024 · 2 comments

Comments

@pocelka
Copy link

pocelka commented Jan 17, 2024

Would it be possible to sign RPMs for fedora? I was installing this nice piece of software using Ansible and I was getting:

Failed to validate GPG signature for lact-headless-0.5.1-0.x86_64: Package lact-headless-0.5.1-0.x86_64.fedora-3957l7cq3k.rpm is not signed.

So far I disabled checking for GPG in my playbook but it would be nice to have without this; as this could be considered as a security issue.

Note: At the end I went with libadwaita version but the question is in general for all RPMs.
@ilya-zlobintsev
Copy link
Owner

The packaging tool seems to support it: https://vv9k.github.io/pkger/signing.html
I'll take a look at it at some point

@ilya-zlobintsev ilya-zlobintsev mentioned this issue Feb 25, 2024
Merged
@ilya-zlobintsev
Copy link
Owner

Implemented in #276
Note that by default dnf doesn't check signatures of manually downloaded rpm packages, and if you enable it, you also have to manually import the public key with rpm --import lact.pubkey (the pubkey file will be included with new releases)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pocelka @ilya-zlobintsev