[Yum-devel] gpg importing script

seth vidal skvidal at phy.duke.edu
Sat Jan 15 06:24:35 UTC 2005


On Sat, 2005-01-15 at 10:15 +1000, Menno Smits wrote:
> seth vidal wrote:
> > Menno,
> >  I just got a chance to test in use your gpg key import patch. It works
> > ok - but one question:
> > 
> > Do you think we should disable the check for any installed keys if
> > anything is marked gpgcheck=1 that happens early on?
> 
> I did think of this check when I was working on the gpgkey patch ... and 
> then forgot about it :(

That's what happens to all the good ideas. :) I do the same thing all
the time.


> > Seeing as your patch makes importing the keys automatic there's almost
> > no reason to have the catch.
> > 
> > I could make it so if gpgkey is not defined anywhere and gpgcheck=1 then
> > throw up the warning.
> 
> I think this is the way to go. Something like:
> 
> if (there are no gpg keys in rpmdb) and
>     ((gpgcheck is 1 globally and gpgkey is not set for any repo) or
>      (gpgcheck=1 for a repo and gpgkey is not set for that repo)):
> 	display_warning()
>   	exit()

I got it.

I did it this way:
if not self.gpgKeyCheck(): # if we don't have any gpg keys in the rpmdb
    for repo in self.repos.listEnabled(): 
        if repo.gpgcheck and repo.gpgkey == '': # if a repo is set to   
                                                # check and no gpgkey
        display_warning()
        exit()

since the gpgcheck globally is only used as default setting for the
repositories' gpgcheck value it seemed to make sense to do it this way.

and I updated the warning message, too:

You have enabled checking of packages via GPG keys. 
This is a good thing. However, you do not have any GPG public keys
installed. You need to download the keys for packages you wish to
install and install them. You can do that by running the command:
    rpm --import public.gpg.key


Alternatively you can specify the url to the key you would like to use
for a repository in the 'gpgkey' option in a repository section and yum 
will install it for you.

For more information contact your distribution or package provider.


work for you?
-sv





More information about the Yum-devel mailing list