====== リポジトリ リリース パッケージの作成 ======
===== spec ファイルの作成 =====
$ vi ~/rpmbuild/SPECS/tomoyan-release.spec
Summary: Tomoyan's RPM Packages for Fedora
Name: tomoyan-release-30
Version: 1.01
Release: 0
License: GPLv2
URL: http://www.tomoyan.net/
Group: System Environment/Base
Source0: http://repos.tomoyan.net/pub/fedora/RPM-GPG-KEY-tomoyan-30
Source1: tomoyan.repo
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
BuildArch: noarch
%description
This package contains Tomoyan's repository GPG key and configuration files.
%package release
Summary: Tomoyan's RPM repository for Fedora
Requires: fedora-release
%description release
This package contains Tomoyan's repository GPG key and configuration files.
%prep
%build
%install
rm -rf rm -rf $RPM_BUILD_ROOT
#GPG Key
install -dm 755 install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/rpm-gpg
install -pm 644 %{SOURCE0} $RPM_BUILD_ROOT%{_sysconfdir}/pki/rpm-gpg
# dnf
install -dm 755 install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/yum.repos.d
install -pm 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/yum.repos.d
%clean
rm -rf $RPM_BUILD_ROOT
%post
#rpm --import %{SOURCE0}
%files
%defattr(-,root,root,-)
%config(noreplace) /etc/pki/rpm-gpg/*
/etc/yum.repos.d/*
%changelog
* Tue May 14 2019 tomoyan - 1.01-0
- Update Package
* Tue Feb 12 2019 tomoyan - 1.0-0
- Create Package
===== 公開鍵のエクスポート =====
公開鍵をエクスポートする。
$ gpg2 --export -a "TomoYan (TomoYan's RPM repository) " > ~/rpmbuild/SOURCES/RPM-GPG-KEY-tomoyan-30
フィンガー・プリントを確認する。
$ gpg2 --quiet --with-fingerprint ~/rpmbuild/SOURCES/RPM-GPG-KEY-tomoyan-30
pub rsa1024 2019-02-14 [SC]
uid TomoYan (TomoYan's RPM repository)
sub rsa1024 2019-02-14 [E]
===== リポジトリ設定ファイルの作成 =====
$ vi ~/rpmbuild/SOURCES/tomoyan.repo
[tomoyan]
name=Tomoyan's RPM repository - Fedora $releasever - $basearch
failovermethod=priority
baseurl=http://repos.tomoyan.net/pub/fedora/$releasever/$basearch/
enabled=1
gpgcheck=1
priority=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-tomoyan-$releasever
[tomoyan-source]
name=Fedora $releasever - $basearch Tomoyan's Source Repository
failovermethod=priority
baseurl=http://repos.tomoyan.net/pub/fedora/$releasever/SRPMS/
enabled=0
gpgcheck=1
priority=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-tomoyan-$releasever
===== ビルドとパッケージの署名 =====
$ rpmbuild --sign -ba ~/rpmbuild/SPECS/tomoyan-release.spec
+ umask 022
+ cd /home/tomoyan/rpmbuild/BUILD
+ exit 0
+ umask 022
+ cd /home/tomoyan/rpmbuild/BUILD
+ exit 0
+ umask 022
+ cd /home/tomoyan/rpmbuild/BUILD
+ '[' /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64 '!=' / ']'
+ rm -rf /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64
++ dirname /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64
+ mkdir -p /home/tomoyan/rpmbuild/BUILDROOT
+ mkdir /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64
+ rm -rf rm -rf /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64
+ install -dm 755 install -dm 755 /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64/etc/pki/rpm-gpg
+ install -pm 644 /home/tomoyan/rpmbuild/SOURCES/RPM-GPG-KEY-tomoyan-30 /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64/etc/pki/rpm-gpg
+ install -dm 755 install -dm 755 /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64/etc/yum.repos.d
+ install -pm 644 /home/tomoyan/rpmbuild/SOURCES/tomoyan.repo /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64/etc/yum.repos.d
+ '[' noarch = noarch ']'
+ case "${QA_CHECK_RPATHS:-}" in
+ /usr/lib/rpm/check-buildroot
+ /usr/lib/rpm/redhat/brp-ldconfig
+ /usr/lib/rpm/brp-compress
+ /usr/lib/rpm/brp-strip /usr/bin/strip
+ /usr/lib/rpm/brp-strip-comment-note /usr/bin/strip /usr/bin/objdump
+ /usr/lib/rpm/brp-strip-static-archive /usr/bin/strip
+ /usr/lib/rpm/brp-python-bytecompile /usr/bin/python 1 0
+ /usr/lib/rpm/brp-python-hardlink
+ /usr/lib/rpm/redhat/brp-mangle-shebangs
+ umask 022
+ cd /home/tomoyan/rpmbuild/BUILD
+ rm -rf /home/tomoyan/rpmbuild/BUILDROOT/tomoyan-release-30-1.01-0.x86_64
+ exit 0
/home/tomoyan/rpmbuild/SRPMS/tomoyan-release-30-1.01-0.src.rpm:
/home/tomoyan/rpmbuild/RPMS/noarch/tomoyan-release-30-1.01-0.noarch.rpm:
===== リポジトリ リリース パッケージをサイトに配置 =====
$ scp ~/rpmbuild/RPMS/noarch/tomoyan-release-30-1.01-0.noarch.rpm skv001:/var/www/vhosts/repos.tomoyan.net/pub/fedora/
$ scp ~/rpmbuild/RPMS/noarch/tomoyan-release-30-1.01-0.noarch.rpm skv001:/var/www/vhosts/repos.tomoyan.net/pub/fedora/30/x86_64/Packages/t/
$ scp ~/rpmbuild/SOURCES/RPM-GPG-KEY-tomoyan-30 skv001:/var/www/vhosts/repos.tomoyan.net/pub/fedora/
===== リポジトリ リリース パッケージをインストール =====
$ sudo dnf install https://repos.tomoyan.net/pub/fedora/tomoyan-release-30-1.0-0.noarch.rpm
===== GPG 鍵のインポート確認 =====
リポジトリからパッケージをインストールしてみる。
$ sudo dnf install wxGTK31 wxGTK31-devel
パッケージのインストール時に GPG 鍵のインポート確認が表示される事を確認する。
Tomoyan's RPM repository - Fedora 30 - x86_64 1.1 kB/s | 1.1 kB 00:01
GPG 鍵 0xDC52FC64 をインポート中:
Userid : "TomoYan (TomoYan's RPM repository) "
Fingerprint: FAA4 6609 A58C D8A8 12E7 5B21 D738 2E77 DC52 FC64
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-tomoyan-30
これでよろしいですか? [y/N]: y
===== リポジトリ リリース パッケージの署名を確認 =====
パッケージの Signature を確認する。
$ rpm -qi tomoyan-release-30
Name : tomoyan-release-30
Version : 1.01
Release : 0
Architecture: noarch
Install Date: 2019年05月14日 20時09分20秒
Group : System Environment/Base
Size : 1604
License : GPLv2
Signature : RSA/SHA256, 2019年05月14日 20時01分14秒, Key ID d7382e77dc52fc64
Source RPM : tomoyan-release-30-1.01-0.src.rpm
Build Date : 2019年05月14日 20時01分14秒
Build Host : Cmon.monsters-g.local
Relocations : (not relocatable)
Packager : TomoYan
URL : http://www.tomoyan.net/
Summary : Tomoyan's RPM Packages for Fedora
Description :
This package contains Tomoyan's repository GPG key and configuration files.
===== 参考文献 =====
[[https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/7/html/rpm_packaging_guide/index|RPM パッケージングガイド Red Hat Enterprise Linux 7 | Red Hat Customer Portal]]\\