[Bug 794622] New: RFE: 'ftpadmin install' should allow install of a detached GPG signature file alongside each tarball
- From: "sysadmin" (GNOME Bugzilla) <bugzilla gnome org>
- To: gnome-infrastructure gnome org
- Subject: [Bug 794622] New: RFE: 'ftpadmin install' should allow install of a detached GPG signature file alongside each tarball
- Date: Fri, 23 Mar 2018 14:12:30 +0000
| Bug ID |
794622
|
| Summary |
RFE: 'ftpadmin install' should allow install of a detached GPG signature file alongside each tarball
|
| Classification |
Infrastructure
|
| Product |
sysadmin
|
| Version |
unspecified
|
| OS |
Linux
|
| Status |
NEW
|
| Severity |
normal
|
| Priority |
Normal
|
| Component |
Other
|
| Assignee |
sysadmin-maint@gnome.bugs
|
| Reporter |
dan-gnome@berrange.com
|
| QA Contact |
sysadmin-maint@gnome.bugs
|
| GNOME version |
---
|
I want to be able to provide GPG signatures for tarballs of gtk-vnc I upload,
but the 'ftpadmin install' only appears to want tarballs as arguments.
It should allow maintainer to provide a detached signature with a name of
'$TARBALL.asc', and upload that to the ftp site. This is more trustworthy than
the checksums ftpadmin creates, which can be easily tampered with at same time
as the tarballs by a malicious actor.
This would of course mean the maintainer must provide the tarball in tar.xz
format, so that ftpadmin doesn't try do tarball recompression, but that's
reasonable enough.
eg I would like todo
ftpadmin install gtk-vnc-0.7.2.tar.xz gtk-vnc-0.7.2.tar.xz.asc
You are receiving this mail because:
- You are watching the QA Contact of the bug.
- You are watching the assignee of the bug.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
