On May 2, 2007, at 10:33 AM, Bob Huisman wrote:
Hello all,
Currently we are working on a continuous integration service, which
also
publishes rpm packages. At this time, these packages are unsigned and
thus cannot be used in a RHN Satellite environment (as far as I know,
have not tested 100%). We do have a gpg signature available, but
when a
package is created with the --sign option, a prompt is asking for the
passphrase. Is it possible to put the password in the commandline?
This
is usefull for testing our packages. The final versions will
ofcourse be
signed with a different key, and the development key will never be
published.
Any ideas on this will be greatly appreciated!
rpm uses getpass(3).
expect will interpose a pseudo-tty, which is sufficient to automate
signing, with passwords automatically entered.
Or pay the big $$$ for an automatic signer as both SuSE and RH have
done.
The evntual solution will be to replace getpass(3) using keyutils, which
will fire up a helper to request a password and deliver to rpm securely,
but I haven't yet wired up my proof-of-concept code.
73 de Jeff
_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/rpm-list
