« Return to Thread: Problems signing rpms
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
Chris skrev:
> On Fri, 2009-07-03 at 02:14 +0300, Thomas Backlund wrote:
>> Chris skrev:
>>> I'm building clamav rpm's for 2009.1 and am having an issue signing them
>>> with my gpg key. Previously when I was running 10.1 I had no problems.
>>> I'm using the below command:
>>>
>>> [chris@localhost ~]$ rpmbuild
>>> -bb--sign /home/chris/rpm/SPECS/clamav.spec
>>> Enter pass phrase:
>>> Pass phrase check failed
>>>
>>> My ~/.rpmmacros file has all the same info as I used in building rpms
>>> for 10.1:
>>>
>>> %_topdir /home/chris/rpm
>>> %_tmppath /home/chris/rpm/tmp
>>>
>>> %_signature gpg
>>> %_gpg_name Chris Pollock (New email address as of 04/21/07) <cpollock@...>
>>> %_gpg_path ~/.gnupg
>>> %distribution MandrivaLinux
>>> %vendor Mandriva
>>>
>>> And I've ensured that I entered my passphrase correctly. Any ideas as to what the
>>> problem may be? There are no problems building without the sig and guess I could upload
>>> them to the site I usually do unsigned however I'd feel better if they were.
>>>
>>
>> Does your %_gpg_name match whats in your gpg key ?
>> (matching uid in 'gpg -K' output)
> %_gpg_name Chris Pollock (New email address as of 04/21/07)
> <cpollock@...>
>
> [chris@localhost ~]$ gpg --list-keys
> gpg: using PGP trust model
> gpg: key 98E6705C: accepted as trusted key
> /home/chris/.gnupg/pubring.gpg
> ------------------------------
> pub 1024D/98E6705C 2005-11-23
> uid Chris Pollock (New email address as of 04/21/07)
> <cpollock@...>
> uid Chris Pollock <cpollock@...>
>
>
>> Is your gpg keys correctly installed in ~/.gnupg ?
>
> As far as I know, I have no problem signing messages, wouldn't I if they
> were incorrectly installed?
>> Is the permissions correct on the .gnupg files ?
>> (700 on directory, 600 on the files)
>>
>> --
>> Thomas
>
> drwx------ 4 chris chris 4096 2009-07-02 21:17 .gnupg/
> -rw-r--r-- 1 chris chris 2137 2009-01-02 20:24 cpollock.asc
> drwx------ 2 chris chris 4096 2009-02-26 17:37 dirmngr-cache.d/
> -rw-r--r-- 1 chris chris 321 2009-02-08 11:19 dirmngr.conf
> -rw-r--r-- 1 chris chris 321 2009-02-08 11:06
> dirmngr.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 851 2009-07-01 10:42 gpg-agent.conf
> -rw-r--r-- 1 chris chris 853 2009-02-08 11:19 gpg-agent.conf~
> -rw-r--r-- 1 chris chris 853 2009-02-08 11:06
> gpg-agent.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 9289 2009-02-06 19:59 gpg.conf
Should be -rw-------
> -rw-r--r-- 1 chris chris 9178 2009-01-03 15:40 gpg.conf~
> -rw-r--r-- 1 chris chris 9209 2009-01-02 20:21 gpg.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 432 2009-02-08 11:19 gpgsm.conf
> -rw-r--r-- 1 chris chris 422 2009-01-02 19:06 gpgsm.conf~
> -rw-r--r-- 1 chris chris 432 2009-02-08 11:06 gpgsm.conf.gpgconf.bak
> srwxrwxr-x 1 chris chris 0 2009-02-08 11:19 log-socket=
> drwxrwxr-x 2 chris chris 4096 2009-01-03 22:18 private-keys-v1.d/
Should be drwx------
> -rw------- 1 chris chris 6497756 2009-07-01 17:46 pubring.gpg
OK
> -rw------- 1 chris chris 6497756 2009-07-01 17:10 pubring.gpg~
> -rw-rw-r-- 1 chris chris 17087 2009-02-26 17:37 pubring.kbx
> -rw-rw-r-- 1 chris chris 18116 2009-02-26 17:37 pubring.kbx~
> -rw------- 1 chris chris 600 2009-07-02 21:16 random_seed
OK
> -rw-r--r-- 1 chris chris 327 2009-02-08 11:19 scdaemon.conf
> -rw-r--r-- 1 chris chris 327 2009-02-08 11:06
> scdaemon.conf.gpgconf.bak
> -rw------- 1 chris chris 1311 2009-01-07 17:37 secring.gpg
OK
> -rw------- 1 chris chris 1480 2009-07-01 17:46 trustdb.gpg
>
OK
> Does anything look amiss?
>
What is the output of:
rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec
and:
rpm -qa '*rpm*' '*gnupg*'
--
Thomas
> On Fri, 2009-07-03 at 02:14 +0300, Thomas Backlund wrote:
>> Chris skrev:
>>> I'm building clamav rpm's for 2009.1 and am having an issue signing them
>>> with my gpg key. Previously when I was running 10.1 I had no problems.
>>> I'm using the below command:
>>>
>>> [chris@localhost ~]$ rpmbuild
>>> -bb--sign /home/chris/rpm/SPECS/clamav.spec
>>> Enter pass phrase:
>>> Pass phrase check failed
>>>
>>> My ~/.rpmmacros file has all the same info as I used in building rpms
>>> for 10.1:
>>>
>>> %_topdir /home/chris/rpm
>>> %_tmppath /home/chris/rpm/tmp
>>>
>>> %_signature gpg
>>> %_gpg_name Chris Pollock (New email address as of 04/21/07) <cpollock@...>
>>> %_gpg_path ~/.gnupg
>>> %distribution MandrivaLinux
>>> %vendor Mandriva
>>>
>>> And I've ensured that I entered my passphrase correctly. Any ideas as to what the
>>> problem may be? There are no problems building without the sig and guess I could upload
>>> them to the site I usually do unsigned however I'd feel better if they were.
>>>
>>
>> Does your %_gpg_name match whats in your gpg key ?
>> (matching uid in 'gpg -K' output)
> %_gpg_name Chris Pollock (New email address as of 04/21/07)
> <cpollock@...>
>
> [chris@localhost ~]$ gpg --list-keys
> gpg: using PGP trust model
> gpg: key 98E6705C: accepted as trusted key
> /home/chris/.gnupg/pubring.gpg
> ------------------------------
> pub 1024D/98E6705C 2005-11-23
> uid Chris Pollock (New email address as of 04/21/07)
> <cpollock@...>
> uid Chris Pollock <cpollock@...>
>
>
>> Is your gpg keys correctly installed in ~/.gnupg ?
>
> As far as I know, I have no problem signing messages, wouldn't I if they
> were incorrectly installed?
>> Is the permissions correct on the .gnupg files ?
>> (700 on directory, 600 on the files)
>>
>> --
>> Thomas
>
> drwx------ 4 chris chris 4096 2009-07-02 21:17 .gnupg/
> -rw-r--r-- 1 chris chris 2137 2009-01-02 20:24 cpollock.asc
> drwx------ 2 chris chris 4096 2009-02-26 17:37 dirmngr-cache.d/
> -rw-r--r-- 1 chris chris 321 2009-02-08 11:19 dirmngr.conf
> -rw-r--r-- 1 chris chris 321 2009-02-08 11:06
> dirmngr.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 851 2009-07-01 10:42 gpg-agent.conf
> -rw-r--r-- 1 chris chris 853 2009-02-08 11:19 gpg-agent.conf~
> -rw-r--r-- 1 chris chris 853 2009-02-08 11:06
> gpg-agent.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 9289 2009-02-06 19:59 gpg.conf
Should be -rw-------
> -rw-r--r-- 1 chris chris 9178 2009-01-03 15:40 gpg.conf~
> -rw-r--r-- 1 chris chris 9209 2009-01-02 20:21 gpg.conf.gpgconf.bak
> -rw-r--r-- 1 chris chris 432 2009-02-08 11:19 gpgsm.conf
> -rw-r--r-- 1 chris chris 422 2009-01-02 19:06 gpgsm.conf~
> -rw-r--r-- 1 chris chris 432 2009-02-08 11:06 gpgsm.conf.gpgconf.bak
> srwxrwxr-x 1 chris chris 0 2009-02-08 11:19 log-socket=
> drwxrwxr-x 2 chris chris 4096 2009-01-03 22:18 private-keys-v1.d/
Should be drwx------
> -rw------- 1 chris chris 6497756 2009-07-01 17:46 pubring.gpg
OK
> -rw------- 1 chris chris 6497756 2009-07-01 17:10 pubring.gpg~
> -rw-rw-r-- 1 chris chris 17087 2009-02-26 17:37 pubring.kbx
> -rw-rw-r-- 1 chris chris 18116 2009-02-26 17:37 pubring.kbx~
> -rw------- 1 chris chris 600 2009-07-02 21:16 random_seed
OK
> -rw-r--r-- 1 chris chris 327 2009-02-08 11:19 scdaemon.conf
> -rw-r--r-- 1 chris chris 327 2009-02-08 11:06
> scdaemon.conf.gpgconf.bak
> -rw------- 1 chris chris 1311 2009-01-07 17:37 secring.gpg
OK
> -rw------- 1 chris chris 1480 2009-07-01 17:46 trustdb.gpg
>
OK
> Does anything look amiss?
>
What is the output of:
rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec
and:
rpm -qa '*rpm*' '*gnupg*'
--
Thomas
« Return to Thread: Problems signing rpms
| Free embeddable forum powered by Nabble | Forum Help |
