[Yum-devel] Re: yum and gpgcheck feature request
Jouni.Lohikoski@iki.fi
jlohikos at cc.hut.fi
Wed Apr 6 20:07:24 UTC 2005
On Wed, Apr 06, 2005 at 02:14:28PM -0400, seth vidal wrote:
> if gpgcheck=0 then yum will not check for a gpg key nor for packages to
> be signed by any key.
>
> if gpgcheck=1 then yum will check for a package to be signed AND that it
> matches a key.
>
> where's the problem?
Hmm..so if the package is not signed, gpgcheck=1 will not allow
to install it? If it is so, then forget the feature reuqest :-)
>From the man page:
gpgcheck
Either '1' or '0'. This tells yum whether or not it should per-
form a GPG signature check on packages. When this is set in the
[main] section it sets the default for all repositories. This
option also determines whether or not an install of a package
from a local RPM file will be GPG signature checked. The
default is '0'.
If the package is not signed, rpm-program will accept it even with
--checksig without warnings, which I think is abit dangerous.
But if yum will not allow non signed packages with "gpgcheck=1" then it
is ok.
More information about the Yum-devel
mailing list