Re: GPG signing of debian packages
-----BEGIN PGP SIGNED MESSAGE-----
Andreas Metzler wrote:
> - I personally always run dpkg-buildpackage with -uc -us and use
> debsign -kkeyid foo_changes to sign the /final/ packages
> afterwards. I usually build the packages more than once before
> uploading as I often find some last-minute bug, and don't like to
> type in my gpg-passphrase more frequently than necessary.
Or alternatively install quintuple-agent and then have a script say
if [ ! -n "$AGENT_SOCKET" ]; then
eval `q-agent &`
if [ -n "$AGENT_SOCKET" ]; then
debuild --linda -eAGENT_SOCKET -pagpg -sgpg $*
echo Quintuple agent not found. Using standard debuild.
to build your package. Then you only have to type your password once.
But of course, what you really should do is use pdebuild to make sure
your package will build on a clean sid system.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v188.8.131.52 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----