rpmsign Command: Examples, Options, and Usage

常用示例

Sign RPM package

rpmsign --addsign [package.rpm]

Sign with specific key

rpmsign --addsign --key-id [KEYID] [package.rpm]

Re-sign package

rpmsign --resign [package.rpm]

Delete signature

rpmsign --delsign [package.rpm]

Sign multiple packages

rpmsign --addsign [*.rpm]

说明

rpmsign adds or manages OpenPGP signatures on RPM packages. Signing packages allows verification of authenticity and integrity. It supports both traditional package signing and file-level IMA/fsverity signing. Part of the RPM package manager. The signing key is configured via the %_openpgp_sign_id macro (or legacy %_gpg_name).

参数

--addsign: Add signature to package.
--resign: Replace existing signature.
--delsign: Delete all OpenPGP signatures.
--delfilesign: Delete all IMA and fsverity file signatures.
--key-id _KEYID_: GPG key ID, overriding %_openpgp_sign_id configuration.
--signfiles: Sign package files using the configured digest algorithm and RSA key.
--fskpath _KEY_: File signing key path, used with --signfiles.
--signverity: Sign package files with fsverity signatures.
--certpath _CERT_: Certificate for use with --signverity.
--rpmv3: Add RPM V3 header+payload signature on V4 packages for compatibility with rpm < 4.14.
--rpmv4: Add RPM V4 header signature on V6 packages for rpm 4.x compatibility.
-D _"MACRO EXPR"_: Define RPM macro.

FAQ

What is the rpmsign command used for?

rpmsign adds or manages OpenPGP signatures on RPM packages. Signing packages allows verification of authenticity and integrity. It supports both traditional package signing and file-level IMA/fsverity signing. Part of the RPM package manager. The signing key is configured via the %_openpgp_sign_id macro (or legacy %_gpg_name).

How do I run a basic rpmsign example?

Run `rpmsign --addsign [package.rpm]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does --addsign do in rpmsign?

Add signature to package.

rpmsign 命令

常用示例

说明

参数

FAQ

相关命令