Signing and Creating a Repository for RPM packages

Signing RPM package

An RPM signature, like the digital signature used on many other software-signing systems, is a private key encryption of a checksum. RPM uses the GPG libraries for signing.

create a GPG key by command: gpg –gen-key

edit /.rpmmacros file and add line  %_gpg_name “”  at last.

signing the packages: rpm –addsign packfilename     — I’m not sure which packagefile should I use :the .rpm or .src.rpm     – always confuse between these two types file.
create /var/www/html

cp the package to /var/www/html

createrepo /var/www/html





Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s