[Linux-cluster] Upcoming changes to cluster releases
Fabio M. Di Nitto
fdinitto at redhat.com
Tue Feb 16 11:55:16 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everybody,
I just landed a set of changes to improve our release process for cluster 3.
Here are the highlights:
- - tarballs will be released in both .gz and bz2 formats.
- - a Changelog-$VERSION will be available on the release area (same as
the one available in the announce emails).
- - a .sha256 file will also be available for each release to verify the
downloads.
- - for the more paranoid, the .sha256 file is signed with gpg (*).
As of today, we will _not_ update tarballs on the old
ftp://sources.redhat.com/pub/cluster/releases/
Please update your watchfiles to use:
https://fedorahosted.org/releases/c/l/cluster/
Cheers
Fabio
(*) In order to verify the release signature (example):
1) $ gpg --recv-keys 0x6CE95CA7
2) $ gpg --fingerprint 0x6CE95CA7
pub 4096R/6CE95CA7 2010-02-08
Key fingerprint = 746F 4C0C A8C2 B82E CC0A 6948 08C8 1B2C 6CE9 5CA7
uid Cluster Release Team <cluster-devel at redhat.com>
3) $ gpg --check-sigs 0x6CE95CA7
pub 4096R/6CE95CA7 2010-02-08
uid Cluster Release Team <cluster-devel at redhat.com>
sig!3 6CE95CA7 2010-02-08 Cluster Release Team
<cluster-devel at redhat.com>
sig! 63549F8E 2010-02-08 Fabio M. Di Nitto <fabbione at fabbione.net>
sig! 0B437A89 2010-02-08 Fabio M. Di Nitto <fabbione at fabbione.net>
sig! 4CF8CD0C 2010-02-08 Lon Hohberger <lhh at redhat.com>
The key will always carry only the UIDs of the release managers.
4) $ gpg --verify cluster-3.0.8.sha256.asc cluster-3.0.8.sha256
gpg: Signature made Tue Feb 16 12:37:42 2010 CET using RSA key ID 6CE95CA7
gpg: Good signature from "Cluster Release Team <cluster-devel at redhat.com>"
Generally, step 1 to 3 are required only for a first time setup.
Please always consult any extensive gpg how to for more information.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJLeoehAAoJEFA6oBJjVJ+OjA8P/iFhMjdVGYs/GUo0j/RSNzl+
a46BVyMzE/H6lPUDBZkyopuFNM0fgdMzHC5KNKcNyjO4gyVVp3/w16VoGjCfOzzk
mmEFq4xr8XOfgUzYoRvRHVVn4zOFHLQlwQ+sw7zlZGbQXZiUP/ffiL4czeSZnztS
0S1uHkMSykZpMq0fAYPBFmf9ipsN3QQzIjL069e1ZYE5TqoZFVE8L9qV5MA92MSP
Q+UAYUzRY7rsEguzCiM2oay/Xgi1cymYKQoUXEopRlPnebP/84Ntylkr5/w4mDqp
E2uFT1DOmFCR6EdcVpMrGSbqgeaq3IfM5otJIm8jwfzHqI9FkXM4onCKYv2ww+11
/aAzTz4Zdu66wPBfBghk/AsuIMsOLFgyqoWZYobswrAWaqJhHtfRy/OXE5G4Mt8+
mJEOiR9e1AqPvrwuvKfkNu1CysDNUzGBIc8nm7JXY7qjRjpd1q/+CKPJHj98/S/g
M0DkhCyfYh/oaDDC58RBzP1h3aKmFIRQ0AibvrQs6LHwWnfMznZ0kKENXvwXhV2A
qSHr0oLKEGClBYkr/7VXkzJxwqOntVz6R6NT/t6RO6e+v6zimqYLYNpi+jj2YFgU
6W+XgYTi9MkmibI4lsopDX1iz7rVw9VujFanH0KnOtO94lteGgkqEmJzLXH1vYyM
PZbO0x46MKn6xy0Ozf95
=tdgO
-----END PGP SIGNATURE-----
More information about the Linux-cluster
mailing list