plugins README re: selinux koji-sign policy

This commit is contained in:
Trevor Batley 2024-09-28 12:40:46 +10:00
parent 4fdaff9d0a
commit 53be9f3cbf

View File

@ -27,6 +27,13 @@ Make sure that the koji-sign selinux policy is installed and enabled
semodule --list-modules=full | grep koji-sign semodule --list-modules=full | grep koji-sign
If it's not listed
- copy down the koji-sign.te file, compile and install it
checkmodule -V -M -m -o koji-sign.mod koji-sign.te
semodule_package -o koji-sign.pp -m koji-sign.mod
semodule -i koji-sign.pp
Ensure that httpd can use tty Ensure that httpd can use tty
getsebool daemons_use_tty getsebool daemons_use_tty
@ -36,11 +43,11 @@ If not --> on, set it
setsebool -P daemons_use_tty 1 setsebool -P daemons_use_tty 1
Copy your gpg keys etc. into /etc/koji-hub/gnupgp Copy your gpg keys etc. into /etc/koji-hub/plugins/gnupg/
Copy sign.conf into /etc/koji-hub-plugins Copy sign.conf into /etc/koji-hub/plugins/
Edit /etc/koji-hub-plugins/sign.conf to have the correct gpg key names for each tag Edit /etc/koji-hub/plugins/sign.conf to have the correct gpg key names for each tag
### tag2distrepo ### tag2distrepo