INN commit: branches/2.5/control (perl-nocem.in)
rra at isc.org
Sat May 17 06:25:27 UTC 2014
Date: Friday, May 16, 2014 @ 23:25:27
Mention the expected rights for ncmring.gpg in perl-nocem man page
perl-nocem.in | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
--- perl-nocem.in 2014-05-17 06:24:44 UTC (rev 9639)
+++ perl-nocem.in 2014-05-17 06:25:27 UTC (rev 9640)
@@ -526,15 +526,19 @@
the authenticity of their notices. You can do:
gpg --no-default-keyring --primary-keyring <pathetc>/pgp/ncmring.gpg --import <key-file>
+ chmod 644 <pathetc>/pgp/ncmring.gpg
-where <pathetc> is the value of the I<pathetc> parameter set in F<inn.conf>
-and <key-file> the file containing the key(s) to import. The keyring must
-be located in <pathetc>/pgp/ncmring.gpg; you only have to create the directory
-<pathetc>/pgp before using B<gpg> (it will automatically generate the
-F<ncmring.gpg> file). For old PGP-generated keys, you may have to use
+where <pathetc> is the value of the I<pathetc> parameter set in
+F<inn.conf> and <key-file> the file containing the key(s) to import.
+The keyring must be located in <pathetc>/pgp/ncmring.gpg; you only
+have to create the directory <pathetc>/pgp before using B<gpg> (it will
+automatically generate the F<ncmring.gpg> file) and make sure the news
+user can read this file, once generated.
+For old PGP-generated keys, you may have to use
B<--allow-non-selfsigned-uid> if they are not properly self-signed,
-but anyone creating a key really should self-sign the key. Current
-PGP implementations do this automatically.
+but anyone creating a key really should self-sign the key. Current PGP
+implementations do this automatically.
The keys of NoCeM issuers can be found in the web site of I<The NoCeM Registry>:
L<http://rosalind.home.xs4all.nl/nocemreg/nocemreg.html>. You can even
More information about the inn-committers