[Yum] gpg sig checking

seth vidal skvidal at phy.duke.edu
Fri Apr 11 06:11:00 UTC 2003


On Thu, 2003-04-10 at 17:45, Miles Egan wrote:
> We have a group of sysadmins that build packages for us and we'd like to
> make sure that only packages built by one of the approved maintainers
> can be installed.


hmm.
so would you want something like:

keyids: keyid1 keyid2 keyid3 

for each repo - if a pkg sig doesn't match one of those keyids then it
exits and complains? What if the gpg-pubkey is even in the rpmdb?
-sv





More information about the Yum mailing list