Back to main site | Back to man page index

RPMSIGN(8)                                     System Manager's Manual                                     RPMSIGN(8)



NAME
       rpmsign - RPM Package Signing

SYNOPSIS
       rpm --addsign|--resign PACKAGE_FILE ...

       rpm --delsign PACKAGE_FILE ...


DESCRIPTION
       Both  of  the  --addsign and --resign options generate and insert new signatures for each package PACKAGE_FILE
       given, replacing any existing signatures. There are two options for historical reasons, there is no difference
       in behavior currently.

       rpm --delsign PACKAGE_FILE ...


       Delete all signatures from each package PACKAGE_FILE given.


   USING GPG TO SIGN PACKAGES
       In order to sign packages using GPG, rpm must be configured to run GPG and be able to find a key ring with the
       appropriate keys. By default, rpm uses the same conventions as GPG to find key rings,  namely  the  $GNUPGHOME
       environment  variable.   If your key rings are not located where GPG expects them to be, you will need to con‐
       figure the macro %_gpg_path to be the location of the GPG key rings to use.  If you want to be  able  to  sign
       packages  you  create  yourself, you also need to create your own public and secret key pair (see the GPG man‐
       ual). You will also need to configure the rpm macros

       %_gpg_name
              The name of the "user" whose key you wish to use to sign your packages.

       For example, to be able to use GPG to sign packages as the user "John Doe <[email protected]>" from the  key  rings
       located in /etc/rpm/.gpg using the executable /usr/bin/gpg you would include

       %_gpg_path /etc/rpm/.gpg
       %_gpg_name John Doe <[email protected]>
       %__gpg /usr/bin/gpg

       in  a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user
       configuration. Typically it's sufficient to set just %_gpg_name.


SEE ALSO
       popt(3),
       rpm(8),
       rpmdb(8),
       rpmkeys(8),
       rpm2cpio(8),
       rpmbuild(8),
       rpmspec(8),

       rpmsign --help - as rpm supports customizing the options via popt aliases it's impossible  to  guarantee  that
       what's described in the manual matches what's available.


       http://www.rpm.org/ <URL:http://www.rpm.org/>