Re: [libvirt] [libvirt-glib] spec: Add verification of the tarball GPG signature
On Thu, Apr 14, 2016 at 11:12:00AM +0200, Christophe Fergeau wrote:
This at least allows to make sure that all tarballs are signed with
the
same GPG key, and that the tarball was not corrupted between the time it
was uploaded upstream, and the time the RPM is built.
danpb-BE86EBB415104FDF.gpg is generated with:
gpg2 -v --armor --export 15104FDF | gpg2 --no-default-keyring --keyring
./danpb-BE86EBB415104FDF.gpg --import
---
libvirt-glib.spec.in | 4 ++++
1 file changed, 4 insertions(+)
ACK
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|