Sophie

Sophie

distrib > Mageia > 7 > aarch64 > by-pkgid > 7e647d9940d31b34c253e6f71c416c4b > files > 3121

bzr-2.7.0-6.mga7.aarch64.rpm


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>GnuPG Signatures &#8212; Bazaar 2.7.0 documentation</title>
    <link rel="stylesheet" href="../_static/classic.css" type="text/css" />
    <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
    
    <script type="text/javascript" id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
    <script type="text/javascript" src="../_static/jquery.js"></script>
    <script type="text/javascript" src="../_static/underscore.js"></script>
    <script type="text/javascript" src="../_static/doctools.js"></script>
    <script type="text/javascript" src="../_static/language_data.js"></script>
    
    <link rel="shortcut icon" href="../_static/bzr.ico"/>
    <link rel="search" title="Search" href="../search.html" />
    <link rel="next" title="BzrTools" href="bzrtools_plugin.html" />
    <link rel="prev" title="Exporting version information" href="version_info.html" /> 
  </head><body>
    <div class="related" role="navigation" aria-label="related navigation">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="bzrtools_plugin.html" title="BzrTools"
             accesskey="N">next</a></li>
        <li class="right" >
          <a href="version_info.html" title="Exporting version information"
             accesskey="P">previous</a> |</li>
<li><a href="http://bazaar.canonical.com/">
    <img src="../_static/bzr icon 16.png" /> Home</a>&nbsp;|&nbsp;</li>
<a href="http://doc.bazaar.canonical.com/en/">Documentation</a>&nbsp;|&nbsp;</li>

        <li class="nav-item nav-item-0"><a href="../index.html">Table of Contents (2.7.0)</a> &#187;</li>

          <li class="nav-item nav-item-1"><a href="index.html" accesskey="U">Bazaar User Guide</a> &#187;</li> 
      </ul>
    </div>  

    <div class="document">
      <div class="documentwrapper">
        <div class="bodywrapper">
          <div class="body" role="main">
            
  <div class="section" id="gnupg-signatures">
<h1>GnuPG Signatures<a class="headerlink" href="#gnupg-signatures" title="Permalink to this headline">¶</a></h1>
<div class="section" id="reasons-to-sign-your-repository">
<h2>Reasons to Sign Your Repository<a class="headerlink" href="#reasons-to-sign-your-repository" title="Permalink to this headline">¶</a></h2>
<p>Bazaar can sign revisions using GnuPG, a Free Software implementation of the
OpenPGP digital signature format.  By signing commits a person wanting to
make use of a branch can be confident where the code came from, assuming the
GnuPG keys used can be verified.  This could for example prevent worry about
compromised code in the case where a server hosting Bazaar branches has been
hacked into.  It could also be used to verify that all code is written by a
select group of people, such as if contributor agreements are needed.</p>
<p>Signatures are passed around with commits during branch, push, merge and other
operations.</p>
</div>
<div class="section" id="setting-up-gnupg">
<h2>Setting up GnuPG<a class="headerlink" href="#setting-up-gnupg" title="Permalink to this headline">¶</a></h2>
<p>There are many guides to creating a digital signature key with GnuPG.  See
for example the <a class="reference external" href="http://www.gnupg.org/gph/en/manual.html#AEN26">GnuPG Handbook</a> or the <a class="reference external" href="https://help.launchpad.net/YourAccount/ImportingYourPGPKey">Launchpad Wiki</a>.</p>
</div>
<div class="section" id="signing-commits">
<h2>Signing Commits<a class="headerlink" href="#signing-commits" title="Permalink to this headline">¶</a></h2>
<p>To sign commits as they are made turn on the <code class="docutils literal notranslate"><span class="pre">create_signatures</span></code>
configuration option in your <code class="docutils literal notranslate"><span class="pre">bazaar.conf</span></code> or <code class="docutils literal notranslate"><span class="pre">locations.conf</span></code> file:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">create_signatures</span> <span class="o">=</span> <span class="n">always</span>
</pre></div>
</div>
<p>When you next make a commit it will ask for the pass phrase for your GnuPG key.
If you want GnuPG to remember your password ensure you have <code class="docutils literal notranslate"><span class="pre">gnupg-agent</span></code>
installed.</p>
<p>To sign previous commits to a branch use <code class="docutils literal notranslate"><span class="pre">sign-my-commits</span></code>.  This will go
through all revisions in the branch and sign any which match your
commit name.  You can also pass the name of a contributor to <code class="docutils literal notranslate"><span class="pre">sign-my-commits</span></code>
to sign someone else’s commits or if your GnuPG key does not match your Bazaar
name and e-mail:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">bzr</span> <span class="n">sign</span><span class="o">-</span><span class="n">my</span><span class="o">-</span><span class="n">commits</span> <span class="o">.</span> <span class="s2">&quot;Amy Pond &lt;amy@example.com&gt;&quot;</span>
</pre></div>
</div>
<p>It will not sign commits which already have a signature.</p>
<p>To sign a single commit or a range of commits use the (hidden) command
<code class="docutils literal notranslate"><span class="pre">re-sign</span></code>:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">bzr</span> <span class="n">re</span><span class="o">-</span><span class="n">sign</span> <span class="o">-</span><span class="n">r</span> <span class="mi">24</span>
</pre></div>
</div>
<p><code class="docutils literal notranslate"><span class="pre">re-sign</span></code> is also useful to change an existing signature.</p>
<p>By default Bazaar will tell GnuPG to use a key with the same user
identity as the one set with <code class="docutils literal notranslate"><span class="pre">whoami</span></code>.  To override this set
<code class="docutils literal notranslate"><span class="pre">gpg_signing_key</span></code> in bazaar.conf or locations.conf.</p>
<blockquote>
<div><p><code class="docutils literal notranslate"><span class="pre">gpg_signing_key=DD4D5088</span></code></p>
<p><code class="docutils literal notranslate"><span class="pre">gpg_signing_key=amy&#64;example.com</span></code></p>
</div></blockquote>
</div>
<div class="section" id="verifying-commits">
<h2>Verifying Commits<a class="headerlink" href="#verifying-commits" title="Permalink to this headline">¶</a></h2>
<p>Signatures can be verified with the <code class="docutils literal notranslate"><span class="pre">bzr</span> <span class="pre">verify-signatures</span></code> command.  By
default this will check all commits in the branch and notify that all commits
are signed by known trusted signatures.  If not all commits have trusted
signatures it will give a summary of the number of commits which are invalid,
having missing keys or are not signed.</p>
<p>The <code class="docutils literal notranslate"><span class="pre">verify-signatures</span></code> command can be given a comma separated list of key
patters to specify a list of acceptable keys.  It can also take a range of
commits to verify in the current branch.  Finally using the verbose option will
list each key that is valid or authors for commits which failed:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span>$bzr verify-signatures -kamy -v -r 1..5
1 commit with valid signature
  Amy Pond &lt;amy@example.com&gt; signed 4 commits
0 commits with unknown keys
1 commit not valid
  1 commit by author The Doctor &lt;doctor@example.com&gt;
0 commits not signed
</pre></div>
</div>
</div>
<div class="section" id="work-in-progress">
<h2>Work in Progress<a class="headerlink" href="#work-in-progress" title="Permalink to this headline">¶</a></h2>
<p>There is still a number of digital signature related features which
are hoped to be added to Bazaar soon.  These include bzr explorer
integration and setting branches to require signatures.</p>
</div>
</div>


          </div>
        </div>
      </div>
      <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
        <div class="sphinxsidebarwrapper">
  <h3><a href="../index.html">Table of Contents</a></h3>
  <ul>
<li><a class="reference internal" href="#">GnuPG Signatures</a><ul>
<li><a class="reference internal" href="#reasons-to-sign-your-repository">Reasons to Sign Your Repository</a></li>
<li><a class="reference internal" href="#setting-up-gnupg">Setting up GnuPG</a></li>
<li><a class="reference internal" href="#signing-commits">Signing Commits</a></li>
<li><a class="reference internal" href="#verifying-commits">Verifying Commits</a></li>
<li><a class="reference internal" href="#work-in-progress">Work in Progress</a></li>
</ul>
</li>
</ul>

  <h4>Previous topic</h4>
  <p class="topless"><a href="version_info.html"
                        title="previous chapter">Exporting version information</a></p>
  <h4>Next topic</h4>
  <p class="topless"><a href="bzrtools_plugin.html"
                        title="next chapter">BzrTools</a></p>
  <div role="note" aria-label="source link">
    <h3>This Page</h3>
    <ul class="this-page-menu">
      <li><a href="../_sources/user-guide/gpg_signatures.txt"
            rel="nofollow">Show Source</a></li>
    </ul>
   </div>
<div id="searchbox" style="display: none" role="search">
  <h3>Quick search</h3>
    <div class="searchformwrapper">
    <form class="search" action="../search.html" method="get">
      <input type="text" name="q" />
      <input type="submit" value="Go" />
      <input type="hidden" name="check_keywords" value="yes" />
      <input type="hidden" name="area" value="default" />
    </form>
    </div>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
    <div class="related" role="navigation" aria-label="related navigation">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="bzrtools_plugin.html" title="BzrTools"
             >next</a></li>
        <li class="right" >
          <a href="version_info.html" title="Exporting version information"
             >previous</a> |</li>
<li><a href="http://bazaar.canonical.com/">
    <img src="../_static/bzr icon 16.png" /> Home</a>&nbsp;|&nbsp;</li>
<a href="http://doc.bazaar.canonical.com/en/">Documentation</a>&nbsp;|&nbsp;</li>

        <li class="nav-item nav-item-0"><a href="../index.html">Table of Contents (2.7.0)</a> &#187;</li>

          <li class="nav-item nav-item-1"><a href="index.html" >Bazaar User Guide</a> &#187;</li> 
      </ul>
    </div>
    <div class="footer" role="contentinfo">
        &#169; Copyright 2009-2011 Canonical Ltd.
      Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.8.4.
    </div>
  </body>
</html>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional