User Tools

Site Tools


building_and_signing_rpm_packages

Building and signing RPM packcages

Create RPM build environment

# yum install rpm-build

Build the needed directories.

# mkdir -p /usr/src/redhat/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

Create SPEC file

Place spec file in /usr/src/redhat/SPECS

Example:

Summary: Check for simple HW errors
Name: hw-check
Version: 1.0
Release: 0
License: GPL
Group: Applications/Internet
Vendor: <Vendor or personal name>
Buildroot: %{_tmppath}/hw-check-%{version}
BuildArch: noarch

%description
Hardware check script for Linux.

%prep
#%setup -q

%build

%install
rm -rf $RPM_BUILD_ROOT
mkdir -m 664 -p $RPM_BUILD_ROOT/var/log/hardware
mkdir -m 700 -p $RPM_BUILD_ROOT/etc/cron.daily
cp /etc/cron.daily/hw_check $RPM_BUILD_ROOT/etc/cron.daily/hw_check

%post

%preun
rm -f /etc/cron.daily/hw_check
rm -f /var/log/hardware/*
rmdir /var/log/hardware

%clean
rm -rf $RPM_BUILD_ROOT

%files

%defattr(750,root,root)
%dir /var/log/hardware/

%defattr(-,root,root)
/etc/cron.daily/hw_check

%changelog
* Thu Sep 8 2010 Unix Support <unix@<domain» - 1.00
- Initial build''

Create GPG keys

# gpg --gen-key

Select default install options and fill out “Real Name” & “Email address”

List installed keys

# gpg --list-keys

Export GPG key

Export GPG key the key needs to be imported on systems where packet is going to be installed

# gpg --export -a '<Real name>' > RPM-GPG-KEY-<real name> 

Create macro file with GPG reference

Create ~/.rpmmacros file with following content:

%_signature    gpg
%_gpg_name    <real name>

Create and sign RPM package

# cd /usr/src/redhat/SPECS
# rpmbuild -ba --sign <name of spec file>

RPM package will be placed in /usr/src/redhat/RPMS/noarch depending of architecture Copy RPM package and GPG key to target system

Import GPG key to target system

# rpm --import RPM-GPG-KEY-<real name>

Install RPM package

On target system:

# yum localinstall <RPM package name>
building_and_signing_rpm_packages.txt · Last modified: 2011/09/26 13:24 by root