Subject: | |
From: | |
Reply To: | |
Date: | Mon, 27 Feb 2012 19:01:46 +0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
>
> Can I have you check again with rpmdev-checksig? The zlib rpm you
> listed below is signed by TUV and by SL, perhaps it is only checking the
> one key.
>
Could you please explain how you sign these packages?
According to the rpm(8) man page,
> SIGNING A PACKAGE
> rpm --addsign|--resign PACKAGE_FILE ...
>
> Both of the --addsign and --resign options generate and insert new sig‐
> natures for each package PACKAGE_FILE given, replacing any existing
> signatures. There are two options for historical reasons, there is no
> difference in behavior currently.
Note "replacing any existing signatures". IOW, after SL-sign, any
previous TUV-sign data should be removed, isn't it?
A broken "rpm -K" behaviour breaks my scripts and certainly I'm
impressed a little... :-/
Regards,
Dmitry Butskoy
|
|
|