[OE-core] [PATCH v4 0/3] zypper: support signed repositories
Steve Sakoman
steve at sakoman.com
Mon Jan 30 22:04:15 UTC 2012
On Mon, Jan 30, 2012 at 1:50 PM, Saul Wold <sgw at linux.intel.com> wrote:
> Steve, I am still reviewing this, and I need to to a build with non-GPLv3,
> since you might have added a dependency with zypper on a GPLv3 item, this
> will take me some checking.
>
> You might want to prepare a patch and test with a GPLv2 version of gnupg as
> well. This will not hold up this patch if we know the GPLv2 version is
> forth coming.
I'm not sure that a version 1.x of gnupg will give signed repository support.
The zypper package seems to explicitly use gpg2, see log below:
root at omap3-multi:~# zypper refresh
Retrieving repository 'sakoman' metadata [done]
Building repository 'sakoman' cache [done]
All repositories have been refreshed.
root at omap3-multi:~# cat /var/log/zypper.log | grep gpg
2011-12-13 15:10:55 <1> omap3-multi(517) [zypp] RpmDb.cc(~RpmDb):245 -
gpgcheck : 0
2011-12-13 15:10:55 <1> omap3-multi(517) [zypp] RpmDb.cc(~RpmDb):245 -
gpgkey :
2011-12-13 15:10:55 <1> omap3-multi(517) [zypp++]
ExternalProgram.cc(start_program):229 Executing '/usr/bin/gpg2'
'--no-default-keyring' '--quiet' '--list-public-keys' '--with-colons'
'--with-fingerprint' '--no-tty' '--no-greeting' '--batch'
'--status-fd' '1' '--homedir'
'/var/tmp/zypp.7TLoJg/zypp-trusted-krnRU0ej'
2011-12-13 15:10:55 <1> omap3-multi(517) [zypp++]
ExternalProgram.cc(start_program):229 Executing '/usr/bin/gpg2'
'--no-default-keyring' '--quiet' '--list-public-keys' '--with-colons'
'--with-fingerprint' '--no-tty' '--no-greeting' '--batch'
'--status-fd' '1' '--homedir'
'/var/tmp/zypp.7TLoJg/zypp-trusted-krnRU0ej'
2011-12-13 15:10:55 <1> omap3-multi(517) [zypp++]
ExternalProgram.cc(start_program):229 Executing '/usr/bin/gpg2'
'--no-default-keyring' '--quiet' '--no-tty' '--no-greeting'
'--no-permission-warning' '--status-fd' '1' '--homedir'
'/var/tmp/zypp.7TLoJg/zypp-trusted-krnRU0ej' '--import'
'/var/tmp/zypp.7TLoJg/TmpFile.bRqNPf'
2011-12-13 15:10:57 <1> omap3-multi(517) [zypp++]
ExternalProgram.cc(start_program):229 Executing 'gpg' '-v'
'--no-default-keyring' '--fixed-list-mode' '--with-fingerprint'
'--with-colons' '--homedir' '/var/tmp/TmpDir.HF2Hg5' '--quiet'
'--no-tty' '--no-greeting' '--batch' '--status-fd' '1'
'/var/tmp/TmpFile.njjEOI'
2011-12-13 15:10:57 <1> omap3-multi(517) [zypp++]
ExternalProgram.cc(start_program):229 Executing '/usr/bin/gpg2'
'--no-default-keyring' '--quiet' '--no-tty' '--no-greeting'
'--no-permission-warning' '--status-fd' '1' '--homedir'
'/var/tmp/zypp.7TLoJg/zypp-general-krfSdyHl' '--import'
'/var/tmp/TmpFile.njjEOI'
If I get some time later this week I will experiment with a earlier
version of gnupg, though I suspect we might have to create a somewhat
questionable symlink from gpg2 to gpg. Note that it actually seems to
use *both* gpg2 and gpg!
Steve
More information about the Openembedded-core
mailing list