diff options
author | Paul Moore <paul@paul-moore.com> | 2020-01-06 21:32:16 -0500 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2020-01-08 00:34:46 -0500 |
commit | ea4dafc0f45d859f4ff157f1120e77d0f01f5473 (patch) | |
tree | 2b3f6ba6aa9c96d8a3f956e22c63c30246ccbb3e | |
parent | 1b6cfd1fc0b7499a28c24299a93a80bd18619563 (diff) | |
download | libseccomp-ea4dafc0f45d859f4ff157f1120e77d0f01f5473.tar.gz |
doc: add a section on release tarball signatures to README.md
(imported from commit e5c4b5ee8086b936d28b080e5477950f632b4d43)
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r-- | README.md | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -63,6 +63,24 @@ CHANGELOG files. Those who are interested in contributing to the the project are encouraged to read the CONTRIBUTING in the top level directory. +## Verifying Release Tarballs + +Before use you should verify the downloaded release tarballs and checksums +using the detached signatures supplied as part of the release; the detached +signature files are the "*.asc" files. If you have GnuPG installed you can +verify detached signatures using the following command: + + # gpg --verify file.asc file + +At present, only the following keys are authorized to sign official libseccomp +releases: + + Paul Moore <paul@paul-moore.com> + 7100 AADF AE6E 6E94 0D2E 0AD6 55E4 5A5A E8CA 7C8A + + Tom Hromatka <tom.hromatka@oracle.com> + 47A6 8FCE 37C7 D702 4FD6 5E11 356C E62C 2B52 4099 + ## Building and Installing the Library If you are building the libseccomp library from an official release tarball, |