-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Jun 28, 2007, at 8:55 AM, Jesse Keating wrote:
On Thursday 28 June 2007 08:44:09 Till Maas wrote:
What should go wrong when someone with the gpg key signs the rpms?
And the
rpms are really trivial, so it is easy to verify them once. And
afaik they
are not updated very often, so it is not much work.
The answer isn't to sign these rpms which don't exist anywhere else
in the
distribution. The answer is to add a "buildsys-build" group or
other such
named group to the comps file and define what packages should be in
there
that way, and have mock just do a 'groupinstall buildsys-build',
which would
pull from the shipped repos. This does away with the need of a
'buildgroups'
repo all together, relies upon the shipped / signed rpms, and
existing method
of defining groups.
This is how mock used to work (albeit using yumgruops.xml instead of
comps.xml), and it was decided (on fedora-buildsys-list, IIRC) that
it would be better to use an RPM to define the base buildroot packages.
Personally, I feel that having an external 'buildgroups' repo lends
itself well to those of us that may wish to modify the packages which
get installed by mock by default. If Fedora does change how mock
reads in this information, I would hope that it remains configureable
in some way -- for example, if there is a 'groups' repo listed in a
mock config, then use that instead of what's defined in comps.
- -Jeff
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
iD8DBQFGg7uyKe7MLJjUbNMRAlanAKCM1T2DH7Oqq0iVZ8m7FxLVet1YLACbBfl2
5Jpaj5f3WfizV3rlWE97770=
=nttK
-----END PGP SIGNATURE-----
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
