RPM's signature-checking is broken by design: rpm --checksig only informs its user of the presence and validity of GPG signatures, not the identity of the signer. In order to find the identity of the key with which a package was signed, you must run rpm -vv --checksig and carefully read the output.
check-sigs.pl automates this process. Run it with the names of the RPMs you wish to check as command-line arguments and it will parse and sort the output of rpm -vv --checksig.
To update an apt repository you must run genbasedir after placing new RPMs in the repository. update-apt.pl automates the installation of RPMs and configuration of apt. To use update-apt.pl, place all the new stable RPMs, sources, SRPMs, and specfiles in /free/PENDING.stable, /free/PENDING.unstable, or /free/PENDING.testing and run update-apt.pl as root. It will move all the relevant files and run genbasedir for the relevant repositories.
update-apt.pl also runs rpm2html to generate web pages for the repository. It uses the configuration file /etc/rpm2html.config. For instructions on rpm2html, see the rpm2html manual. After rpm2html is run, clean-up-rpm2html.pl is run to fix the rpm2html output.
update-apt.pl has the layout of the repository on rpm.rutgers.edu hardcoded in it. To add a distribution (i.e. another supported operating system/architecture combination), add the directory name to @repositories and add an entry to %extensions. Each entry in %extensions is identified by a regexp for the extension of a file; when a file's name matches the regexp, update-apt.pl processes the file based on the entry in %extensions. If the regexp is associated with 'SKIP', update-apt.pl ignores the file. Otherwise the regexp should be associated with a reference to a hash, which must contain an entry for 'DEST', the directory underneath $repository_root where the file should be installed. The string "_component", if present in the 'DEST' entry, will be replaced with the component (in this case stable). The hash can optionally contain an entry for 'REPO'; if it does, the distribution specified by 'REPO' is rebuilt by apt if a file in /free/PENDING.* matches the entry.
To add additional components to the distribution, make the relevant directories in $repository_root and make the directory /free/PENDING.component, where component is the name of the new component. Add the name of the component to @all_components.
If you want the rpmfind web page to display the new components or repositories, edit /etc/rpm2html.config.
By default update-apt.pl will install files with permission 0644. If you wish to change the permission of a file, chmod it after update-apt.pl runs.
Localizing the output of rpm2html can be exceedingly difficult. To replace the text and search form in the rpm2html-generated index.html file, use clean-up-rpm2html.pl.
clean-up-rpm2html.pl is very fragile and should be used with care. To change what it substitutes for rpm2html's text, edit the $local_header variable.