LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Best practices to add a repository (https://www.linuxquestions.org/questions/linux-newbie-8/best-practices-to-add-a-repository-4175500624/)

NotionCommotion 04-04-2014 05:30 PM
Best practices to add a repository
 
Please confirm that the process I am using to add a repository to Centos is correct. Thank you
Code:
# save the key to the appropriate folder.  Question: Does it mater what I call it?  Should I always save keys here?  Why are the keys such as "RPM-GPG-KEY-rpmforge-dag" sometimes automatically added without doing this?
wget -O /etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY http://dl.iuscommunity.org/pub/ius/IUS-COMMUNITY-GPG-KEY

# Verify the key is correct.  Question.  How do I do this?
gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-IUS

#Import the key
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-IUS

#Where available, download.  When not, manually create as /etc/yum.repos.d/ius.repo
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/CentOS/6/x86_64/ius-release-1.0-11.ius.centos6.noarch.rpm

#Edit /etc/yum.repos.d/ius.repo and add appropriate priorities level, and set enabled as 0 or 1 as desired

Madhu Desai 04-05-2014 10:38 AM
Verifying Signed Packages
Checking a Package's Signature

NotionCommotion 04-12-2014 12:57 PM
Quote:
Originally Posted by mddesai (Post 5147132)
I read the two documents. While very informative, they did not answer the following:
  • Should I save all keys in /etc/pki/rpm-gpg?
  • Does it mater what I name a key? Are there accepted naming conventions?
  • Why are the keys such as "RPM-GPG-KEY-rpmforge-dag" sometimes automatically added without having to manually add?
  • Is as your suggested links suggest "rpm -K --nosignature <rpm_file>" more appropriate than using "gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-IUS"?

Thank you


All times are GMT -5. The time now is 07:30 PM.