Sean Atkinson wrote:
Hi,
I'm writing a CGI script in Perl to authorise RPM packages for
installation by adding new signatures. Since I didn't find any suitable
native Perl module available for this, I'm calling the rpm binary
instead.
However I'm having some trouble passing the "--addsign" option since it
prompts the user for the key's pass phrase, even when I've set it to be
empty. RPM's source code reveals that the getpass system call is being
used and then this phrase passed to gpg on a file descriptor, so I think
my problem's more with rpm than gpg.
Does anybody have any advice on how I might work around this or if
there's some better way to be doing it instead?
Thanks in advance,
Sean.
Sean -
I know nothing of perl, and still have a pretty shakey understanding of
how signing is done.
However, I have made a few scripts in the past, and my dev team has done
so in the past as well, using rpm's libraries. A quick search yielded
something like this:
http://www.blackperl.com/Perl-RPM/RPM.html
...which may allow you to interface with the libraries alone, and not
have to provide specific instructions, methods, yada yada, to a terminal
window or some such.
Like I said, I don't know - just something I was thinking about.
Thanks
-dant
