rpms/fedora-repos
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f43
rpms:main
rpms:f41
rpms:f42
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:rpm-import-check
rpms:f35
rpms:f33
rpms:f34
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f28-source-merge-2
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
...
pull from: rpms:f40
Branches Tags
rpms:f43
rpms:main
rpms:rawhide
rpms:f41
rpms:f42
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:rpm-import-check
rpms:f35
rpms:f33
rpms:f34
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f28-source-merge-2
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
Sign in to create a new pull request.

7 commits
rawhide ... f40

Author SHA1 Message Date
Patrik Polakovič
87e1f6be58 Add Fedora 44 key 
Signed-off-by: Patrik Polakovič <patrik@alphamail.org>
 2025-02-04 13:42:22 +01:00
Samyak Jain
8e4f8e5d84 Add Fedora 43 key 
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
 2024-08-20 09:34:52 +05:30
Coiby Xu
bb5662b2e9 Add IMA certs 
Add Fedora IMA certs,
 - The code-signing keys /etc/keys/ima/* are supposed to be read by the
   dracut integrity module and other user space tools
 - The CA key /usr/share/ima/ca.der is supposed to be built into the
   kernel

Note the dracut integrity module only reads a DER cert and will error if
given other formats,
    Failed to d2i_X509_fp key file: /sysroot/etc/keys/ima/fedora-39-ima.pem
    openssl: error:068000A8:asn1 encoding routines::wrong tag
    openssl: error:0688010A:asn1 encoding routines::nested asn1 error

Signed-off-by: Coiby Xu <coxu@redhat.com>
 2024-05-23 08:49:32 +08:00
Kevin Fenzi
4dcb6238e5 Disable updates-testing for f40 final release 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-06 12:02:09 -07:00
Kevin Fenzi
b0be9579a9 Enable updates-testing for branched. Fixes rhbz#2266096 2024-02-27 09:58:55 -08:00
Samyak Jain
14937e917b Add fedora 42 key 
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
 2024-02-13 02:22:04 +05:30
Samyak Jain
6406e5571f Branch Fedora 40 from Rawhide 
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
 2024-02-13 01:55:15 +05:30
10 changed files with 130 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

29
RPM-GPG-KEY-fedora-42-primary Normal file
View file

@ -0,0 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGXKg9EBEACvsAjRcllcH6mVReU/0hi5YnwqulP7gNgUM4jYPiqucF51g0oW
MbFk0VjDn3QXjrwLNLtj4oxsU+E6OW0jl1732qvjUJ9geEZBuidyFZgq0CCn9K8d
661dPDjN/DzWWogFhnDySFHRLdh6dYCuu75/HKSIVfCud2IFCvT7Bhk4AOpxv4c7
mmX874LFgi49jkAYC0M6UbJ9o3KSCndipf/k0ra2g9dGacqlPfn3PMiTszPDr99d
o4qZ5dVZYC6Sna8GjNhN7b/2xLGQuzdd9LHgPHC/PX7XsvBLu42rqi3q0umJBtjZ
CyFxF5Dp0VMwmVfrKFZOHvVsGjPLrxomLU16/EDzIrw6cHikdQKLf4sl0rX0m8j0
PNAGOSDmE9YgByiPo12CGMOuAvsDUI0JID4p4WqpBShTBuiIrITn8XVTCOQ+tKq9
dE/qI+mm2hnZjJajM2UWfKE0mVH4SDOiSilgKR/h5HuLZqwtYXFExDZsAcxaLfRB
KCrIOyJdpV7YIj8PaP89XeycHM2MaIfwdHSx3Pz39zZNzi6vJkLj9SWdQT7lOvZx
xTQ3dK0Rcpjx+rGHgihMT4yBd+JO9mZS3ghNGbypYnNn/mohPOAxguXuPuPRj00o
C7C3lIEEL/hZXZbN1SuiopZjxbU/x/5lO8n0Un1GCzynObPDvpDLTjsdKQARAQAB
tDFGZWRvcmEgKDQyKSA8ZmVkb3JhLTQyLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
cmc+iQJOBBMBCAA4FiEEsPSVBFj2nhFQxsXtyKxJFhBe+UQFAmXKg9ECGw8FCwkI
BwIGFQoJCAsCBBYCAwECHgECF4AACgkQyKxJFhBe+US4mQ//e4gIGhA6TJuEqrVP
gKtSnDawIj30TGbkXIywECtKCu9N8anTlkU2/XSKGyE3ZDdKDO77O11382Ci1xJg
CpdbqKg4G02ecEKT1Dtng37gt55SkhffQ0EeDb3Zl+Pu5qohHQUiMzio4B4q8n0H
D+L9klQ3I1rLmymguBRd34jQH/z025GE2SBbCpDnQCChZT7Fq1D/onOQgC6skN6Q
E2dvYqOnSlHkkfuVlRRYoLNmynxHKlL6VZkiM7m1zKi7cMEK63mKJQ3jH3Mc9grh
+OwBDxOjx5UoYMeYqq7oXyTPKvvf6ssuHtjWM3tNkyi5R1nB+4SHMttrbt2pLMSH
Jg6pNXoLAP8ahlvxdgVRjgN/6OMC/DwXnLxippelBXXDyBnwVd8/WohbJDcq7e5t
dymZpRsNxzhWSuwbHzeJY1DKtePhbjblShLjxTzLnS4GBPJV5TXpHkZWgQmz2aA0
CHV47j37P6kAOEtsJkJUWWz+/Rx1N5Mm5lxvghaAzlTBtwQhRgl9Y8kCTznG40QQ
64N2FOrcExUJmujLRISDjM2Ps9MtBlbYs7H4JDziX4jpNyvhVAbEdjbzVfL5oi35
l+K/QRtQJnt78qhLpNNB7SdQkNmD8eMeXF7mA/MH6eFM88hF4l6NeKklyMIa5thg
LFx0UyEgoLXDBg+thUzby61gnA8=
=OCXB
-----END PGP PUBLIC KEY BLOCK-----

29
RPM-GPG-KEY-fedora-43-primary Normal file
View file

@ -0,0 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGa23M8BEAC47NwKLi/g2S9I2p5JtUbJ0y3m2St9zqkSENmYw/+R+WKvaP3S
KSFQF3Qi6pqGXJ88ADJUkFYpOGGyoc0dieLCmIPqtWbwGvBVMxBRBeU3+hClwbSQ
sysVnr8VxUwidfsIjNJavCZwB0ZoZbxdCPMQMOgQyTLX4OI/uKlPUzeymDHwxjb/
tllflSTOGtdYe3giRzidxN+xbCb6UoXkl0+lJEFbsmp41O5D/Ur5N05lBrsEXoDu
Fr99Kfv3Av7f3JfzDlkqC/EhmfxZEZvWj3hRdAfi2fFmtVcrdLfGIpQg6Y2Baphp
PhaHqKl9zD5GWqu5GSXGoLaGXusBvwBKjS/g+VLo7pJfMsUF3sUduJNG3UThAsrp
QLV3wQz0AMHVElRErOWdBDY0ddAKLPL7/mtxj39pGEpZ/dNtQkzgm7VCdP10QnQZ
rwR2l8k7CPu0pylPCXmXvKFWV1uv9RnztlWY6BRmufKn+lJsN3Blh7ndi5rlCjR6
mHVrQD/l6+8VmSD3/mDnbEXPyzBkSY5D1wpR7M5VXN5jVHROc4ZA5M88SyI48ESG
NmeAwtGar45/X+wG47+EC4+JXpNO7BQrEvHgJxBdyoQ6KLDrEaqn/OQpxB4Gfmcv
SwkWDpSk8wFm/pGlFK6J4b+ba7eOetW+aXrWSiFB1sTAg0OY+gds67OpWQARAQAB
tDFGZWRvcmEgKDQzKSA8ZmVkb3JhLTQzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
cmc+iQJSBBMBCAA8FiEExufwgc+A4TFGZ26IgptgZjFkVTEFAma23M8CGw8FCwkI
BwIDIgIBBhUKCQgLAgQWAgMBAh4HAheAAAoJEIKbYGYxZFUxagQP/RYWw5j0Gfvv
lWkDQTjTVAnHtbKuQLYM13Lx5d3W1k0g6Xdrolf4yPjh4YPYVQDXksB4i6ULLbMo
8u46UCPMQwCXTd3Ax9imYn+V74Isl/CkBbKQD9YfSJjhW3mSlPa27jo2uhqpdV0S
xp05NWYnWrZN+GbtCUs1+rNTBevagOURtlZ8f0iPVRA/PxWzpjbRaGrCHlIYc3JO
GKLUuQueLvOUg2pP8dtpll7S3xUe5Abyq2ifT34T0wHi6hJA3bfpXo1uNXRvGrNw
gbJ7V6P7ioTcvyhS1h4zjelKFyvTnOKOy5D08HKmvTMWZQWEL7kDNymh1jMV7Abg
4TPp808EiPF1GGAzXU56feaURSvIuix3MkjhGZsSQQH2kkkEIzq6j/EwmpyEMW38
dtql4T2bVS/cTk/hRaqUKZlyrsL657g/4mFA1wDDM3895fYkHOpYF4JZ9SeDrhuc
TgpC7/TW55l6vSiFtnQvcMfjpfCA6mCA4b75k+/xG9RxxBnYU0qVuUo/8pON31yQ
D2AM2v7WbJBYVRYLlqPrkAZU5fe7+2wY7P7N0IAPwVA0TFJ1x6as3Kezdi/304mg
oC98DBLjHaUpX2bTxKMtCzlmeqPiwtyNkA9O9IQO7qQzArBKxmAgof4wblN5SL8i
fsjiJUqsK/gTYwJ744I/tzxOy5FXjA7z
=Bqds
-----END PGP PUBLIC KEY BLOCK-----

29
RPM-GPG-KEY-fedora-44-primary Normal file
View file

@ -0,0 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGeGrzsBEAC4UV5Ij9oz6h6abEKIRoiezttFfnLhwOAfE9tWtfIFMRmhY91u
L88PKf12n2xHBd3oc5ahBzGeTBhaMV+VJAppoQMSOIMI5q966D9GQ0LkJT+E5bwn
xGRJKp7qccevh2KFOUt2vHtFskhDOuAIupoKfo5FgI9PkvAVBsrUpO/22yjNv0V/
aeDXxZhRX8m/8FKJ77VcZtBRPcp7M41bCmW9gV9IDpD81hAdTjYoQr1Y3KU0FTm5
W4l1mf9mZcKMskOk08TyzQeC2YRB20EYRK439XCGJ4P7BFiOl96EbPpky2pHe2FV
AvX474o3QEecTK3KxZrsRjmXOqpjRPy5YyMfKEYBM9j3zBDvpDFk79Mfuw5n2Nr5
U4Wn/rqfhKLUKkfpfCow97nzq8NqynwS09yVobIfjHCKRtjwun6ife+s7R4L2nAu
rTWPAHqzIjjW5nnjaFtoSulIadVKx+KibKajA6gRAc6K7xMyMTHfqZeTAIcawvX6
h2d/nd8xCfogM5FTI5obNSUVNaMv5vQg6vcV1fb6oRgodF0Bi+1dssq5EMQpHFJM
nIQ5NVwuzSjCLt3X2mWUp0mfIt2K9oBpBct12uXho7Nm1bSC5UFNYsvw+rj6vTqZ
ilK9pyfcYmELv7a/NPkyuACsBFGoc66nBfrEvk57kW9FaJK9mjSqGftykQARAQAB
tDFGZWRvcmEgKDQ0KSA8ZmVkb3JhLTQ0LXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
cmc+iQJSBBMBCAA8FiEENvYS3PJ/fRpIqDXk2/z3HG2fkKYFAmeGrzsCGw8FCwkI
BwIDIgIBBhUKCQgLAgQWAgMBAh4HAheAAAoJENv89xxtn5CmIU0P/iaFVxJjVi4P
yu8A04PbdGy2vuBBCceIjYn5HaMDwJMRjdJT6uMS494pSKNEl/JJ8K5rRdigfUV1
2Z22X3kI5aNb4k2wpaPg5Xq0JQS9FvG4Pjm//kNy5WplmEA8HVg4MVkvySWiXay4
+tkCelhE8aQDstYEm3uh+lZ6udgoInfprwFMn6H+8RXkakTW1z5NkuAA8PpMDA9o
SOFc4Hk6bhE6exEp4VNwBEkxwh4z9CGjarlXL4QEyM1UK60vtbXIHVjITjFfKVQP
j6ifdn5X69oSuK+1mUFXEV+l9pc1mVjTVTwOrG3EMBsoekFyICp1pPtfMo1dxBed
R8BFHqQFsFdmIG+59ycFznFOXzDRfaVn6OTEAk7T8nDqnpe/T4GlybLYic6KMKcM
nbMLaJZjHZ97qJb5Scpsd1TWB5TDERi4VPB7NAVC/EwxMPC3IJUbRej/s05gNjg0
+2yyuV/U/DDnNGWnLTJDFLUaE8HhQBMvNSfmdMA47mo5CCuYmpzX/3M9vlVsv8/R
xJBxFLIj9VFCPFNgXPeu9gyyytXeWgsIpDzMNJil9tgbBuQ1dX5GFMkWtK/kPexM
KfiSU0JgJFfFSm0OKI/KXcRlbA1zP3IF+2YwbL+P5ePinHsDiAPLCQt/dWgw2tfB
ZZLj9c3Ukew6Qobuy3V1knl564qQ6wjf
=1m7R
-----END PGP PUBLIC KEY BLOCK-----

8
archmap
View file

@ -88,4 +88,10 @@ fedora-39-primary: x86_64 aarch64 ppc64le s390x
fedora-40-primary: x86_64 aarch64 ppc64le s390x
fedora-41-primary: x86_64 aarch64 ppc64le s390x
fedora-41-primary: x86_64 aarch64 ppc64le s390x
fedora-42-primary: x86_64 aarch64 ppc64le s390x
fedora-43-primary: x86_64 aarch64 ppc64le s390x
fedora-44-primary: x86_64 aarch64 ppc64le s390x

BIN
fedora-39-ima.der
View file

Binary file not shown.

BIN
fedora-40-ima.der Normal file
View file

Binary file not shown.

BIN
fedora-41-ima.der Normal file
View file

Binary file not shown.

BIN
fedora-42-ima.der Normal file
View file

Binary file not shown.

BIN
fedora-ima-ca.der Normal file
View file

Binary file not shown.

47
fedora-repos.spec
View file

@ -1,10 +1,10 @@
%global rawhide_release 40
%global rawhide_release 43
%global updates_testing_enabled 0
Summary: Fedora package repositories
Name: fedora-repos
Version: 40
Release: 0.2%{?eln:.eln%{eln}}
Release: 4%{?eln:.eln%{eln}}
License: MIT
URL: https://fedoraproject.org/
@ -81,6 +81,9 @@ Source58: RPM-GPG-KEY-fedora-38-primary
Source59: RPM-GPG-KEY-fedora-39-primary
Source60: RPM-GPG-KEY-fedora-40-primary
Source61: RPM-GPG-KEY-fedora-41-primary
Source62: RPM-GPG-KEY-fedora-42-primary
Source63: RPM-GPG-KEY-fedora-43-primary
Source64: RPM-GPG-KEY-fedora-44-primary
# When bumping Rawhide to fN, create N+1 key (and update archmap). (This
# ensures users have the next future key installed and referenced, even if they
@ -90,13 +93,12 @@ Source150: RPM-GPG-KEY-fedora-iot-2019
Source151: fedora.conf
Source152: fedora-compose.conf
# ima certs
Source500: fedora-38-ima.cert
Source501: fedora-38-ima.der
Source502: fedora-38-ima.pem
Source503: fedora-39-ima.cert
Source504: fedora-39-ima.der
Source505: fedora-39-ima.pem
# IMA certs: dracut integrity module only recognizes DER format
Source500: fedora-ima-ca.der
Source501: fedora-39-ima.der
Source502: fedora-40-ima.der
Source503: fedora-41-ima.der
Source504: fedora-42-ima.der
%description
Fedora package repository files for yum and dnf along with gpg public keys.
@ -181,9 +183,11 @@ done
ln -s RPM-GPG-KEY-fedora-%{version}-primary RPM-GPG-KEY-%{version}-fedora
popd
# Install the ima keys
# Install the IMA certs
install -d -m 755 $RPM_BUILD_ROOT/etc/keys/ima
install -m 644 %{_sourcedir}/fedora*ima.* $RPM_BUILD_ROOT/etc/keys/ima/
install -m 644 %{_sourcedir}/fedora*ima.der $RPM_BUILD_ROOT/etc/keys/ima/
install -d -m 755 $RPM_BUILD_ROOT/usr/share/ima/
install -m 644 %{_sourcedir}/fedora-ima-ca.der $RPM_BUILD_ROOT/usr/share/ima/ca.der
# Install repo files
install -d -m 755 $RPM_BUILD_ROOT/etc/yum.repos.d
@ -384,7 +388,10 @@ rm -f "$TMPRING"
%files -n fedora-gpg-keys
%dir /etc/pki/rpm-gpg
/etc/pki/rpm-gpg/RPM-GPG-KEY-*
# ima-certs
/etc/keys/ima/fedora*ima*
/usr/share/ima/ca.der
%files ostree
@ -397,6 +404,24 @@ rm -f "$TMPRING"
%changelog
* Tue Feb 04 2025 Patrik Polakovic <patrik@alphamail.org> - 40.4
- Add RPM-GPG-KEY-fedora-44-primary
* Tue Aug 20 2024 Samyak Jain <samyak.jn11@gmail.com> - 40-3
- Add RPM-GPG-KEY-fedora-43-primary
* Thu May 23 2024 Coiby Xu <coxu@redhat.com> - 40-2
- add/update IMA certs
* Sat Apr 06 2024 Kevin Fenzi <kevin@scrye.com> - 40-1
- Disable updates-testing for f40 final release.
* Tue Feb 27 2024 Kevin Fenzi <kevin@scrye.com> - 40-0.4
- Enable updates-testing for branched. Fixes rhbz#2266096
* Tue Feb 13 2024 Samyak Jain <samyak.jn11@gmail.com> - 40-0.3
- Update Rawhide definition to F41
* Wed Sep 27 2023 Sandro Bonazzola <sbonazzo@redhat.com> - 40-0.2
- Allow ELN installation without Rawhide repos