On 2015-06-19 02:40, wi...@develop.earthshipeurope.org wrote: > On 2015-06-19 02:12, Benoît Minisini wrote: >> Le 18/06/2015 23:05, wi...@develop.earthshipeurope.org a écrit : >>> Hi all, >>> >>> I have been looking at the Gambas IDE package code (in >>> app/.src/gambas3/.src/packager folder) >>> In the package module I see that packages for debain/ubuntu are made >>> with: >>> dpkg-buildpackage -d -rfakeroot >>> >>> Request 1: >>> Could a simple -k<keyid> option be added to 'dpkg-buildpackage -d >>> -rfakeroot' for debian/ubuntu, so packages can be signed. >>> This could be set as a preference in IDE where you could select >>> 'package >>> with key' and enter the key in a field and select the distro the key >>> has >>> to be used for when signing. >>> >>> Maybe it should be possible to have multople seperate key like one >>> for >>> Debian and one for Ubuntu to sign with (just thinking out loud) >> >> Is the signature something associated with the user, i.e. the same >> signature will theoritically be used for all projects for the same >> system? > > Well, you can generate signing keys with gpg. > These can be used for signing. > Just fine for private/intranet repositories. > > You can associate them with whatever mail addres you would like it to > be > associated with. > > If you package for Debian or Ubuntu repo's, you can generate a key as > well with gpg and have it signed by one or more maintainers. > Next you can use the signed key to sign packages for uploading to > official Debian/Ubuntu repositories. > > In my case it is about two things: > 1. Setting up an intranet repository with Gambas 3.6.2 for wheezy and > internal developed Gambas applications (this is at work) > 2. Setting up a GambOS own distro repository holding more recent > Gambas3 > version and Gambas applications developed for GambOS. > > Both need a different key to sign with. > Since keys can be exported/imported, you can have multiple signing keys > on one system. > > If you have a look at the keys they look something like this (dummie > example, no real key): > > $ gpg --list-keys > /home/joe/.gnupg/pubring.gpg > ------------------------------- > pub 2048R/E123D553 2011-08-03 [expires: 2012-08-02] > uid Joe User (Some organization) <joe.u...@domain.com> > sub 2048R/F2495744 2011-08-03 [expires: 2012-08-02] > > In this case F2495744 is the key id to sign with. > > So a 'dpkg-buildpackage -d -rfakeroot -kF2495744'would sign the > packages > made.
Little extra note here: If the key has a passphrase, the dpkg-buildpackage will ask for it to do the signing!! so, that has to be taken into account. Just do some packaging from the command line in a terminal, with key signing and passphrase on key and you will see when and what is asked by dpkg-buildpackage. gbWilly ------------------------------------------------------------------------------ _______________________________________________ Gambas-user mailing list Gambas-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gambas-user
