Changes

Jump to: navigation, search

Cdot sigul sop

38 bytes removed, 11:54, 19 May 2015
no edit summary
== Creating A Key ==
 
If a new key is to be created for the signing process the following step must be taken to do so in compliance with primary arch key generation SOP.
From ireland issue the following commands:=== Create a new key ===
For example if we wanted to create the Fedora 13 signing key, we would do the following:<ol><li>Create the key using a strong passphrase when prompted
<pre>
$ sigul new-key --key-admin aeboccia --name-real Fedora-ARM \
--name-comment 14 \
--name-email fedora@fedoraproject.org fedora-14-arm
</pre></li><li>Wait a while for entropy. This can take several minutes.</li><li>=== Grant key access to user === Grant key access to any users who will be using it to sign packages
<pre>
$ sigul grant-key-access fedora-14-arm aeboccia
</pre>
One Once the key has been created you can continue on to prep for signing.
== Signing prep ==
For signing, the script sigulsign_unsigned is used. In order to use the new key with the script it's ID must be added.
=== Obtain the ID === To obtain the ID issue the following on Ireland:
<pre>
$ sigul get-public-key > keyblock
From that output on the PUB line copy the Code after the / usually this code starts with a letter for example B207AABC <br />
=== Modify sigulsign_unsigned.py === The next step is to add it to the sigulsign_unsigned script.:
<pre>
</pre>
Close and Save the Scriptscript.
== Signing ==
<pre>
 
$ screen -t SigulSigning
$ ./sigulsign_unsigned.py -v -v --write-all --inherit --arch=arm --tag=dist-f14 --password=<keypassphrase> fedora-14-arm
</pre>
* The tag option is set to the tag within koji under which all the packages to be signed currently reside. </pre>

Navigation menu