[CentOS] Distribution of Commercial RPM

Wed Jul 12 16:18:00 UTC 2017
Gordon Messmer <gordon.messmer at gmail.com>

On 07/12/2017 01:20 AM, david allan finch wrote:
> Is there a location to upload paid for RPM for distrubution, ie a 
> store for CentOS?

Not that I'm aware of.

> Is there a discription of how to create your own RPM repository for 
> distrubution?

This could be documented a little better...  You should create a GPG key 
for rpm signing:

   https://gist.github.com/fernandoaleman/1376720

After building rpm packages, use "rpm --addsign" to sign them.

A yum repository is simply a web-accessible directory, typically with a 
"packages" and a "source" sub-directory.  Move your signed packages 
there, and then run "createrepo_c /path/to/dir". createrepo_c is a 
faster version of the createrepo tool, which does the same thing.

The first package you want to build is probably a "release" package for 
your repository:

http://sbr600blog.blogspot.com/2012/03/how-to-create-repository-release-rpm.html

You can also sign your repo metadata:

https://blog.packagecloud.io/eng/2014/11/24/howto-gpg-sign-verify-rpm-packages-yum-repositories/

> What about updates of these RPM? 

You can put updates in the same repo, or a separate repo, whichever you 
prefer.  Just copy them and run "createrepo_c" again.  When clients run 
an "update" they'll refresh their repo information and update to newer 
packages.