From Fedora Project Wiki

(added restart ABRT instructions)
No edit summary
Line 2: Line 2:
|description=
|description=
This is testing [[Features/ABRT|ABRT]] GPG check using '''custom GPG Keys'''
This is testing [[Features/ABRT|ABRT]] GPG check using '''custom GPG Keys'''
That means you can add other trusted gpg keys used to sign packages from some repository (e.g. rpm fusion). See also [[QA:Testcase_abrt_GPG_check]].
That means you can add other trusted GPG keys used to sign packages from some repository (e.g. RPM Fusion). See also [[QA:Testcase_abrt_GPG_check]].


|actions=
|actions=
Line 8: Line 8:
<pre>
<pre>
   EnableOpenGPG = yes
   EnableOpenGPG = yes
   OpenGPGPublicKeys = /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
   OpenGPGPublicKeys = /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora, /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora
</pre>
</pre>


Set gpg ''EnableOpenGPG'' to ''yes''.
Set ''EnableOpenGPG'' to ''yes''.
 
Add path to GPG signature, delimited by colon.
Restart ABRT: <pre># service abrt restart</pre>
Restart ABRT: <pre># service abrt restart</pre>


Instal some package from fusion rpm (or any other repo). Crash an application from this package - abrt should ignore it this time. Leave gpg check on and import the gpg key from the repo (if you haven't already).  Add the gpg key into ABRT config, crash something from the package - and this time it should be reported.  
Install package from the repository to which the new GPG key belongs to. Crash an application from this package - abrt should ignore it this time. Leave gpg check on and import the gpg key from the repo (if you haven't already).  Add the gpg key into ABRT config, crash something from the package - and this time it should be reported.  


'''<fixme: how to add key to config? Comma delimited? Please provide example...>'''
'''<fixme: how to add key to config? Comma delimited? Please provide example...>'''

Revision as of 09:19, 18 August 2009

Description

This is testing ABRT GPG check using custom GPG Keys That means you can add other trusted GPG keys used to sign packages from some repository (e.g. RPM Fusion). See also QA:Testcase_abrt_GPG_check.


How to test

Edit config file /etc/abrt/abrt.conf, where you should find lines: 

   EnableOpenGPG = yes
   OpenGPGPublicKeys = /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora, /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora

Set EnableOpenGPG to yes. Add path to GPG signature, delimited by colon.

Restart ABRT: 

# service abrt restart

Install package from the repository to which the new GPG key belongs to. Crash an application from this package - abrt should ignore it this time. Leave gpg check on and import the gpg key from the repo (if you haven't already). Add the gpg key into ABRT config, crash something from the package - and this time it should be reported.

<fixme: how to add key to config? Comma delimited? Please provide example...>

Expected Results

ABRT should notice only crashes of applications from signed packages when EnableOpenGPG=yes, it should ignore packages from unsupported archives

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_ABRT_GPG_Keys&oldid=119391"