Home > Uncategorized > Repositories and Distribution

Repositories and Distribution


The Purpose of this lab is to sign and create a repository in order to distribute my newly created and tested RPM file.


To sign my RPM package first I have to generate a key. This is done using GPG.

gpg –gen-key

This application asks you a few questions including

  • Type of key
  • Key expiry
  • Email address
  • Name

After generating my key, I edit my ~/.rpmmacros file and add in the line:

%_gpg_name “nlambert@learn.senecac.on.ca”

Now I can sign my RPM with the newly generated key and then export the public key in to be used later :

rpm –addsign rpmbuild/RPMS/i686/spell-1.1-1.fc15.i686.rpm

gpg –export –armour nlambert@learn.senecac.on.ca > mygpg

Using root privileges I moved my exported key in to the /etc/pki/rpm-gpg directory:

mv /home/nick/mygpg /etc/pki/rpm-gpg/RPM-GPG-KEY-nlambertrepo

I then created a temporary directory to make my repository in and copied my RPM to it. From there I ran the “createrepo” command to generate the repo data folder.

mkdir temp
cp rpmbuild/RPMS/i686/spell-1.1-1.fc15.i686.rpm temp
cd temp/
createrepo .

I then copied the contents of the repodata folder and my source file to a web host (Matrix)

scp -r spell-1.1-1.fc15.i686.rpm repodata nlambert@matrix:~/public_html/myrepo

SSHing into my matrix account I moved the files into their proper places:

mkdir /public_html/www/myrepo/repodata
mv *.gz public_html/myrepo/repodata/
mv *.bz2 public_html/myrepo/repodata/
mv repomd.xml public_html/myrepo/repodata/
mv spell-1.1-1.fc15.i686.rpm public_html/myrepo/


In order to test my newly signed and created repository, I copied one of the files in /etc/yum.repos.d in order to create my own.

cp /etc/yum.repos.d/fedora /fedora.repo etc/yum.repos.d/nlambert.repo

The contents of my custom repository file

  1. [NLambert]
  2. name= NLambert Repo
  3. failovermethod=priority
  4. baseurl=http://matrix.senecac.on.ca/~nlambert/myrepo
  5. enabled=1
  6. metadata_expire=7d
  7. gpgcheck=1
  8. gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nlambertrepo

Line 1 is the listed name of the custom repository.

Line 4 is the location of my repository where the RPM may be downloaded from.

Line 5 enables the repo file for use when installing files.

Line 6 specifies when the client must update their version of this repo in order to check for new updates.

Line 7 specifies that the RPMs served from this repo are signed with a key.

Line 8 specifies that the public key to be used to verify the signing of the RPMs should be located in /etc/pki/rpm-gpg and named RPM-GPG-KEY-nlambertrepo

Using this file I am now able to install from my very own repository!

A method I used to check my custom repo was “rpm repolist” which displays all repositories which you may install/update from.

From here I’m able to install from my repository with the command “yum install spell”. Because my version of spell has a higher version number it is able to install it from my repository.

Repository Release:

In order to make my repo available to others I can package my repo file and my GPG key into an rpm of its own.

I have yet to do this but will be detailing my attempt at it in my next blog post.


My Repository




Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: