Results 1 to 8 of 8

Thread: how to import signing key in order to install build service packages?

Hybrid View

  1. #1

    Default how to import signing key in order to install build service packages?

    Apologies for not knowing this, which should be pretty simple...

    From time to time if I need to get a package that is not available in the regular repos, but is only available from someone's community repository on the build service. I have from time to time either added their repo or just downloaded the package I was looking for.

    But one thing consistently eludes me - where do I find the gpg signing key so that I can import it? I feel like I compromise my system if I just ignore the signing key and install it regardless.

    All the instructions I have found seem to be only about how to set up the proper signing key if you are a builder of packages, not if you are a regular user like me that just wants to download someone else's package.

  2. #2
    Join Date
    Sep 2012
    Posts
    8,029

    Default Re: how to import signing key in order to install build service packages?

    Zypper should ask you whether you agree to trust this repository the first time you access it. It should import package signing key.

    You can also view key using "osc signkey". I am not sure whether there is GUI to do the same (I though there was but may be I was mistaken).

  3. #3

    Default Re: how to import signing key in order to install build service packages?

    Quote Originally Posted by arvidjaar View Post
    Zypper should ask you whether you agree to trust this repository the first time you access it. It should import package signing key.
    I think it does that if I add the whole repository, but not if I want to just download a single package.

    Here is an example, and this pretty much works for any package that I have downloaded for the build service.
    I downloaded libdvdcss2 from someone's repo because I don't want to add his/her entire repo, but just install the single package.

    Code:
    > zypper in libdvdcss2
    Loading repository data...
    Reading installed packages...
    Resolving package dependencies...
    
    The following NEW package is going to be installed:
      libdvdcss2
    
    1 new package to install.
    Overall download size: 71.4 KiB. Already cached: 0 B. After the operation, additional 177.3 KiB will be used.
    Continue? [y/n/v/...? shows all options] (y): y
    Retrieving package libdvdcss2-1.4.3-4.2.x86_64                                                                                                                           (1/1),  71.4 KiB (177.3 KiB unpacked)
    libdvdcss2-1.4.3-4.2.x86_64.rpm:
        Header V3 RSA/SHA256 Signature, key ID 98ebc913390e2d7d: NOKEY
        V3 RSA/SHA256 Signature, key ID 98ebc913390e2d7d: NOKEY
    
    warning: /home/george/Downloads/AASyncToDell/libdvdcss/libdvdcss2-
    
    So on downloading the package, there is nothing there that asks if I can import the package signing key. I can try adding the repo for this single package, which will then offer to import the signing key, but it seems like overkill. Not only that, the build service offers the option of downloading the single package instead of adding the entire repo, only to remove it after installing the package you need. So it seems like if the build service says that you can download a single package, there must be some easy way to import the gpg key for build service packages, but I can't figure out where that is.

  4. #4
    Join Date
    Sep 2012
    Posts
    8,029

    Default Re: how to import signing key in order to install build service packages?

    Quote Originally Posted by techtribe View Post
    if the build service says that you can download a single package, there must be some easy way to import the gpg key for build service packages
    So you chose expert option and then complain that expert option is too complicated.

    URL to GPG key for each repository is the value of gpgkey in file <project name>.repo in root directory of this repository. Download file, extract value of gpgkey, download key. This can easily be automated.

    Or use osc as I already told you. Is not that difficult either.

  5. #5

    Default Re: how to import signing key in order to install build service packages?

    Quote Originally Posted by arvidjaar View Post
    So you chose expert option and then complain that expert option is too complicated.
    yes I guess I sentimentally want to be an expert but can't quite get there...

    Quote Originally Posted by arvidjaar View Post
    URL to GPG key for each repository is the value of gpgkey in file <project name>.repo in root directory of this repository. Download file, extract value of gpgkey, download key. This can easily be automated.

    Or use osc as I already told you. Is not that difficult either.
    Thank you, that is just what I needed

  6. #6
    Join Date
    Mar 2011
    Location
    Sauerland
    Posts
    7,317

    Default AW: how to import signing key in order to install build service packages?

    Use:
    Code:
    rpm --import https://download.opensuse.org/repositories/home:/Sauerland/openSUSE_Leap_15.3/repodata/repomd.xml.key
    That will copy my key to the database.

    You can verify before/after in:
    Yast-----Software-Repositories-----GPG-keys (in the lower right corner)

  7. #7

    Default Re: AW: how to import signing key in order to install build service packages?

    Quote Originally Posted by Sauerland View Post
    Use:
    Code:
    rpm --import https://download.opensuse.org/repositories/home:/Sauerland/openSUSE_Leap_15.3/repodata/repomd.xml.key
    That will copy my key to the database.

    You can verify before/after in:
    Yast-----Software-Repositories-----GPG-keys (in the lower right corner)
    Thank you, that is very helpful

  8. #8
    Join Date
    Mar 2011
    Location
    Sauerland
    Posts
    7,317

    Default AW: how to import signing key in order to install build service packages?

    Use the directory/file of your download package.
    Code:
    /repodata/repomd.xml.key
    Otherwise grab it from the Download side and add it.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •