On 2/25/06, Ville Skyttä <ville.skytta@xxxxxx> wrote:
> On Sat, 2006-02-25 at 16:34 -0500, Michel Salim wrote:
>
> > I'm packaging zeroinstall-injector for Extras, and the upstream
> > tarball comes signed with GPG
> [...]
> > How can I tell %setup that it needs to do gpg --decrypt on the source
>
> Hm, I'm confused, the tarball is signed but you're running --decrypt?
>
Sure. if GnuPG is not told to create a detached signature, a .gpg file
is generated, and the file that was signed can be retrieved using
--decrypt.
> > Right now I'm calling gpg manually before %setup, moved the signed
> > tarball out of the way, rename the unsigned tarball to the original
> > name, run %setup and then restore the original signed tarball to its
> > original name.
>
> How about just:
>
> %prep
> %setup -c -T
> # do whatever is needed $stuff to %{SOURCEx}
>
Ah, OK. I'm changing it to
%prep
# do stuff with %{SOURCEx}
%setup -D -T
To make use of %setup's sanitization of the extracted files. Thanks!
--
Michel Salim
http://www.cs.indiana.edu/~msalim
http://the-dubois-papers.blogspot.com/
--
fedora-extras-list mailing list
fedora-extras-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-extras-list
