creating asc key files
andrew bezella
abezella at archive.org
Thu Apr 13 01:43:21 CEST 2017
i'm not 100% sure that this will be helpful, but somewhere in here you
might find something useful (apt version 1.2.19)...
if you already have the desired key in some form you should be able to
either use a gpg command directly (per earlier replies) or `apt-key
export` and redirect the output to a .asc file. this can be included in
the fai configuration space under package_config/. i can confirm that
with this approach the key is loaded early in the build process, used
during the install, and available in the built system. it's worth
noting that the resultant keyring is stored with the same name and an
additional .gpg extension in /etc/apt/trusted.gpg.d, and that further
actions (e.g., renewal) on it need to use the --keyring option to
apt-key.
if you don't have the desired key you should be able to add it to your
personal keyring for later export via something like:
gpg --keyserver pgp.mit.edu --recv-key 2BF8D9FE074BCDE4
i believe (but have not tested) that if you have an fai script that ran
`$ROOTCMD apt-key adv --recv-keys` (as described in your initial email)
you would also end up with the key in the built system, but as part of
the default keyring.
anyway, hth...
andy
--
andrew bezella <abezella at archive.org>
Internet Archive
More information about the linux-fai
mailing list