[libvirt] [libvirt-glib] spec: Add verification of the tarball GPG signature
Daniel P. Berrange
berrange at redhat.com
Thu Apr 14 09:21:47 UTC 2016
On Thu, Apr 14, 2016 at 11:12:00AM +0200, Christophe Fergeau wrote:
> This at least allows to make sure that all tarballs are signed with the
> same GPG key, and that the tarball was not corrupted between the time it
> was uploaded upstream, and the time the RPM is built.
>
> danpb-BE86EBB415104FDF.gpg is generated with:
> gpg2 -v --armor --export 15104FDF | gpg2 --no-default-keyring --keyring ./danpb-BE86EBB415104FDF.gpg --import
> ---
> libvirt-glib.spec.in | 4 ++++
> 1 file changed, 4 insertions(+)
ACK
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list