Blog Entries

02. 04. 2021 Andrea Avancini NetEye

Signing NetEye RPMs

When you have to publicly release software like we do with NetEye every two months, it’s fundamental that users can verify that software: in our case that the RPMs that we build come from us and not from someone who pretends to be us, that they have not been tampered with, and that they do…

Read More
02. 04. 2021 Alessandro Valentini NetEye

RPM Package Verification

Why it’s important to use signed packages RPM signing is an often underestimated feature: you use official repositories, why shouldn’t you trust them? Those repositories are also probably protected with TLS encryption, so you feel safe against man-in-the-middle attacks. But you may not be as safe as you think you are. Have you heard about that time when the repository…

Read More
30. 09. 2020 Benjamin Gröber Development, NetEye

Tips & Tricks for Building RPM Packages

An RPM (RedHat Package Manager) package is the file format used by RHEL and CentOS, and their package manager yum (now called dnf). Since NetEye is based on CentOS, we use this standard package manager for distribution. How an RPM is constructed is defined in so-called spec files. In this blog post I’m going to…

Read More