[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-autoinstall
Subject: [suse-autoinstall] Adding ZYPP repositories at install time
From: Ian Grant <Ian.Grant () cl ! cam ! ac ! uk>
Date: 2006-09-15 11:59:51
Message-ID: 20060915125951.6998a4c3.Ian.Grant () cl ! cam ! ac ! uk
[Download RAW message or body]
This is a little OT but I don't know where else to ask.
In an autoyast script, how can I add a trusted key that rug/yast will use to verify \
signed ZYPP repositories?
I am trying to add ZYPP repositories in an autoinstall script. (I can do it manually \
using YaST 'Installation Sources' and it asks me if I want to trust the key used to \
sign the repository. But I don't want to have to do this manually every time I \
install a machine.)
The repository is one I have created myself using createrepo and signed as described \
here:
http://en.opensuse.org/Secure_Installation_Sources#The_.22repomd.22_or_.22YUM.22_format
To sign the repository I 'cd' to the top-level directory and ran
gpg -a -u rpm-packager --detach-sign repodata/repomd.xml
gpg -a --export rpm-packager > repodata/repomd.xml.key
So I have the key in repodata/repomd.xml.key
On the new machine (in an autoyast post-init script) I want to add the key to the \
rug keyring. I have tried
gpg --homedir /root/.gnupg \
--import repodata/repomd.xml.key
to add it to root's keyring, and I have tried adding the key to the zmd whitelist \
using
rug ka packager 68C0D40964D6D632 "6E55 E6C6 8A0D 5557 C10D 571B 68C0 D409 64D6 D632"
But neither work. When I run
rug --quiet sa -t zypp \
nfs://repo.host/path/suse-10.1/extras \
SUSE-10.1-extras
I get an error 'parsing metadata: Untrusted key rpm-packager ... (I am paraphrasing, \
I don't have a copy of the message and can't reproduce it without re-installing.)
However, if I delete an installation source added using YaST 'Installation Source' \
graphical tool and then run the above 'rug sa' command it works, presumably because \
the key has been kept.
--
To unsubscribe, e-mail: suse-autoinstall-unsubscribe@suse.com
For additional commands, e-mail: suse-autoinstall-help@suse.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic