Skip to content

Instantly share code, notes, and snippets.

@hnakamur

hnakamur/.rpmmacros

Last active December 25, 2020 01:28
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save hnakamur/3da0ba4bfb74b896f375bd8e658e8772 to your computer and use it in GitHub Desktop.
Save hnakamur/3da0ba4bfb74b896f375bd8e658e8772 to your computer and use it in GitHub Desktop.
Download ZIP
rpm sign
Raw
.rpmmacros
# The original settings confirmed by running: rpm --showrc
# -14: __gpg %{_bindir}/gpg2
# -14: __gpg_check_password_cmd %{__gpg}
# gpg --batch --no-verbose --passphrase-fd 3 -u "%{_gpg_name}" -so -
#
# -14: __gpg_sign_cmd %{__gpg}
# gpg --batch --no-verbose --no-armor --passphrase-fd 3
# %{?_gpg_digest_algo:--digest-algo %{_gpg_digest_algo}}
# --no-secmem-warning
# -u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}
%_gpg_name hnakamur@gmail.com
%__gpg_check_password_cmd /bin/true
%__gpg_sign_cmd %{__gpg} \
gpg --batch --no-verbose --no-armor \
--passphrase-file /home/admin/rpmsign-work/passphrase \
%{?_gpg_digest_algo:--digest-algo %{_gpg_digest_algo}} \
--no-secmem-warning \
-u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}
@hnakamur
Copy link
Author

  • Modify _gpg_name and the filename for --passphrase-file for your environments
  • Use the fowllowing command to sign a rpm
cat /dev/null | setsid rpmsign --resign /path/to/your-rpm

@pfallasro
Copy link

Thanks so much for this, I've been struggling with this!

@hnakamur
Copy link
Author

I'm glad it helped!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment