walters@xxxxxxxxxx (Colin Walters) writes: >> There is a Fedora rawhide key (key ID 1CDDBCA9 I believe), but it's >> really not practical right now to sign the packages, because the >> rawhide push is completely automated, and signing requires manually >> entering a password. > > Well you can certainly provide the passphrase programatically, something > like: > > echo "my passphrase" 1>&3 | gpg --passphrase-fd=3 ... No; rpm does not offer such an interface but expects the passphrase on a tty everytime. I solved it for me with an 'expect' wrapper, but it is a dirty hack :( Overall, the gpg support in rpm is poor as it accepts special signatures only[1] and there are no (reliable) tools[2] to check signatures based on ordinary gpg keyrings (in opposite to current 'Pubkey' table which requires root rights). Enrico Footnotes: [1] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123643 [2] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123650
