Open main menu

CDOT Wiki β

Changes

Fall 2012 DPI908/SBR600 Weekly Schedule

2,867 bytes removed, 13:14, 19 September 2012
Wednesday (September 19)
== Wednesday (September 19) ==
=== [[Signing RPM packages === An RPM signature, like the digital signature used on many other software-signing systems, is a private key encryption of a checksum. RPM uses the GPG libraries for signing. # Create a GPG key: <code>gpg --gen-key</code># Add the e-mail address associated with your gpg key to the <code>%_gpg_name</code> macro in <code>~/.rpmmacros</code> -- the line will look like this: <code>%_gpg_name "<i>e-mail-address</i>"</code># Find (or make) some packages to put in your repository. Make sure that the epoch-version-release is higher than that of any package with the same name in the Fedora repositories.# Sign those packages with: <code>rpm --addsign <i>packagefile</i></code> === Creating a YUM repository === A yum repository is just a directory of packages and some metadata. To create a yum repository:# Create a directory that can be served. The protocol used to serve that directory could be http, ftp, nfs, or something else (the files can be served by putting them on a DVD too!). For http, create the directory within <code>/var/www/html</code># Put your signed packages in that directory.# Create the repository metadata for that directory: <code>createrepo <i>/name/of/directory</i></code> (typically: <code>createrepo . </code>) Notice that the repository metadata will be placed in a subdirectory named <code>repodata</code> === Testing === # Create a new repository file in <code>/etc/yum.repos.d</code> by copying and modifying an existing file in that directory. Keep <code>gpgcheck=1</code> but comment out the <code>gpgkey</code> file.# Confirm that you cannot install from that repository using yum, since the gpgkey is unavailable to yum/rpm.# Uncomment the <code>gpgkey</code> line, and point it to a new file within <code>/etc/pki/rpm-gpg/</code># Create that file by running (as your regular user): <code>gpg --export --armour <i>e-mail-address</i></code> and saving the output to the new filename (note: you'll need to be your regular user to perform the export, but the root user to install the file).# Confirm that you can now install from your repository. You should be asked whether you wish to import the key for your repo the first time you use a package from that repo. === Creating a Repository-release RPM === To make it easier for users to access your repository, create a RPM containing:# Your repo file# Your GPG key You can link to this repository-release RPM from a web page, and users can install access to your repository by simply clicking on that link. You can also include this package in a [[:fedora:Spin|SpinPackages]] or [[:fedora:Remix|Remix]]. If you ever need to move your repository's location or make other adjustments, you can provide an updated repository-release package which will be installed when your users perform a <code>yum update</code>. Take a look at the [http://rpmfusion.org/ RPMFusion] release RPM for an example.
=== To Do ===