Rechercher une page de manuel
debsigs.1p
Langue: en
Version: 2009-05-15 (debian - 07/07/09)
Section: 1 (Commandes utilisateur)
NAME
debsigs - process signatures in .deb packagesSYNOPSIS
debsigs --list|-l [-v] file [file...]debsigs --sign=type [--default-key=keyID] [-v] file [file...]
debsigs --verify|--check|-c file [file...]
debsigs --delete=type file [file...]
DESCRIPTION
debsigs is used to manipulate the cryptographic signatures stored inside a .deb file. It is not used to verify those signatures; for that purpose, see debsig-verify(1).OPTIONS
- --list or -l or -t
- Lists the signatures found in the specified file.
- --sign=type
- Creates a new signature of the type specified in the given file. The signature will be created using the default key for your GPG keyring. See ``SIGNATURE TYPES'' below for possible values of the "type" field.
- --default-key=keyID
- Uses a key other than the default for signing the package.
- --secret-keyring=file or -K file
- Uses a keyring other than the default for signing the package. This option is passed along to GPG verbatim; see the discussion in the gpg(1) manpage for information on how to specify the keyring file.
- -v
- Displays verbose output.
- --verify or --check or -c
- Invokes debsig-verify to check the validity of the signature on this package.
- --delete=type
- Deletes the signature of the specified type from the package.
SIGNATURE TYPES
A Debian package may carry different types of signatures. The most commonly-used ones are:- •
- "origin"
The official signature of the organization which distributes the package, usually the Debian Project or a GNU/Linux distribution derived from it. This signature may be added automatically.
- •
- "maint"
The signature of the maintainer of the Debian package. This signature should be added by the maintainer before uploading the package.
- •
- "archive"
An automatically-added signature renewed periodically to ensure that a package downloaded from an online archive is indeed the latest version distributed by the organization.
See the /usr/share/doc/debsigs/signing-policy.txt file for more information and rationale for the different signature types.
FUTURE DIRECTIONS
It would be nice to have a command-line option to change the command used for signing, instead of hard-coding ``gpg''.AUTHOR
John Goerzen <jgoerzen@progenylinux.com>SEE ALSO
debsig-verify(1), gpg(1)Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre