[CentOS] Passing password to script for rpmsign of list of .rpm files

Sat May 21 00:41:39 UTC 2011
Ljubomir Ljubojevic <office at plnet.rs>

Marian Marinov wrote:
> 
> You should also check this:
> 
> http://blogs.23.nu/till/2008/12/rpm-addsign-with-gpg-agent/
> 
I am not really trilled by entering blank passwords.

Anyhow, I have developed nice script for automatic signing of (--addsign
= only unsigned, --resign = all) rpm's.

Features:
1) It supports subdirectories of unlimited? depth.
2) Password is only asked once.
3) Timestamps are preserved.
4) Script outputs check of rpm's together with active GPG Key ID and
time of signing. Useful for final check and logging.

I hope this script will find good use for rpm packagers.

I named the script "rpm-autosign".

NOTICE: I forgot to filter only files so I had to change code. Improved is:

Code:

#!/bin/bash

# Author Ljubomir Ljubojevic <office at plnet dot rs>

for i in $(find . -type f | grep .rpm); do
    touch -r "$i" "$i.zzz"
done

#rpmsign --resign `find . | grep .rpm | grep -v .zzz`
rpmsign --addsign `find . -type f | grep .rpm | grep -v .zzz`

for i in $(find . -type f | grep .rpm | grep -v .zzz); do
    touch -r "$i.zzz" "$i"
done

for i in $(find . -type f | grep .zzz); do
    rm -f "$i"
done

#rpmsign --checksig `find . | grep .rpm`

rpm -qp `find . -type f | grep .rpm` --qf='%-{NAME} %{BUILDHOST} 
%{PACKAGER} %{SIGGPG:pgpsig} \n'
Notice that last line is broken in two by mail client.

Ljubomir