Bug 476201 - rpm ignores %_gpgbin in contradiction to the manpage
Summary: rpm ignores %_gpgbin in contradiction to the manpage
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: rpm
Version: 10
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Panu Matilainen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-12-12 13:08 UTC by Till Maas
Modified: 2009-02-24 20:52 UTC (History)
3 users (show)

Fixed In Version: 4.6.0-1.fc10
Clone Of:
Environment:
Last Closed: 2009-01-08 13:08:04 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Till Maas 2008-12-12 13:08:27 UTC
Description of problem:

From the manpage (substituted foo with example):

|        For example, to be able to use GPG to sign packages as the user "John | Doe <jdoe>" from the key rings located in /etc/rpm/.gpg using 
| the  executable
|       /usr/bin/gpg you would include
|
|       %_signature gpg
|       %_gpg_path /etc/rpm/.gpg
|       %_gpg_name John Doe <jdoe>
|       %_gpgbin /usr/bin/gpg

But changing %_gpgbin has no effect.

Version-Release number of selected component (if applicable):
rpm-4.6.0-0.rc1.8

How reproducible:
always

Steps to Reproduce:
1. change %_gpgbin in ~/.rpmmacros to /bin/false
  
Actual results:
gpg can still sign rpms

Expected results:
it should fail

Additional info:
In case you wonder, why I would like to change the executable: I wanted to pass  --force-v3-sigs --digest-algo=sha1 to gpg when using --addsign and the only possble way to do this seems to use a wrapper for gpg and specifying this to rpm, but of course using the __gpg macro. But I guess this macro is not intended for this and may break other stuff.

Comment 1 Panu Matilainen 2008-12-12 13:33:42 UTC
Use %__gpg to override the gpg path instead - and yes the man page is severely out of date wrt that.

Comment 2 Panu Matilainen 2008-12-12 13:40:25 UTC
...but ok, to use particular options for signing, you'll be better off customizing %__gpg_sign_cmd, %__gpg is indeed only intended to be the path to the gpg executable.

Comment 3 Panu Matilainen 2009-01-08 13:08:04 UTC
Manpage updated upstream, Fedora will get it once updated to 4.6.0 final (not worth it to track separately for Fedora).

Comment 4 Fedora Update System 2009-02-24 20:51:58 UTC
rpm-4.6.0-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.