Generated my GPG key using the: gpg --gen-key command. Edited the ~/.rpmmacros file and added the following line:
%_gpg_name "myemail"Proceeded to sign the my two packages created and tested in the previous labs (rush and httptunnel).
rpm --addsign httptunnel-3.0.5-1.fc14.rpmCreating YUM Repo
rpm --addsign rush-1.7-1.fc14.rpm
Created the serve folder as /var/www/html/repo/. Creating the repo metadata with the command:
createrepo /var/www/html/repo/Copied both of my signed packges to the folder.
Testing
Yum Repo File
Copied /etc/yum.repos.d/fedora.repo as packages.repo, changing it to point to my internal http repo. From my regular user account I used the command:
gpg --export --armour myemailThis generated my GPG key (packages-key) which I copied to the /etc/pki/rpm-gpg. The repo config points to this for signing verification.
After this I was able to issue the command "yum install rush" to get my package. For httptunnel this does not work as the version and release are higher than my current package. If I disable the Fedora repo temporarily it will work.
Repo-release RPM
Spec File
RPM
*Note: The repo-release RPM is pointing to an internal-facing ONLY apache server, the repo will not function on your machine.
In order to figure out how to package my repo configuration I downloaded the SRPM for rpmfusion. Then once issuing the rpm -i command on the source rpm I was able to see the SPEC file it generated.
I adapted the original RPMfusion spec file until it properly installed the packages.repo and packages-key files to /etc/yum.repo.d/ and /etc/pki/rpm-gpg respectively. Installing the RPM allows me to access my internal http repo with no issue.
Once I have an internet-facing server up and running I will find what I've learned from this lab extremely useful.
No comments:
Post a Comment