EL9 does not allow RPM keys with SHA1 headers to be imported by default, so we've generated a newer RPM-GPG-KEY-openzfs-key2 SHA512 signing key. This key will initially be used on EL9, and on Fedora >= 37. This also means that we are reverting back to building versioned zfs-release RPMs (el7, el8, el9, fc35, fc36) rather than having a generic zfs-release RPM for all EL and all Fedora versions, since EL9 must use the new key. This also better matches the Fedora guidelines for packaging.
Furthermore, this commit adds in Obsoletes and Provides sections to the spec file, and removes the automatic key import on Centos 7 to match the behavior of Centos 8-9 and Fedora (where yum will prompt you to install the key).
Add new SHA512 RPM key, use per-disto RPMs
EL9 does not allow RPM keys with SHA1 headers to be imported by default, so we've generated a newer
RPM-GPG-KEY-openzfs-key2
SHA512 signing key. This key will initially be used on EL9, and on Fedora >= 37. This also means that we are reverting back to building versioned zfs-release RPMs (el7, el8, el9, fc35, fc36) rather than having a generic zfs-release RPM for all EL and all Fedora versions, since EL9 must use the new key. This also better matches the Fedora guidelines for packaging.Furthermore, this commit adds in
Obsoletes
andProvides
sections to the spec file, and removes the automatic key import on Centos 7 to match the behavior of Centos 8-9 and Fedora (where yum will prompt you to install the key).