[Yum] gpg sig checking

Troy Dawson dawson at fnal.gov
Fri Apr 11 13:08:43 UTC 2003


Hi,
Pardon my ignorance, since we didn't move to 8.0, and jumping from 9.0 to 7.3 
I'm still new to this signature thing.

seth vidal wrote:
> Hi all,
>  So someone was kinda bugging me about making gpg sig checking a
> mandatory DEFAULT. I wanted to hear y'all responses.
> 
> What if gpgcheck=1 was the default and if you set gpgcheck=0 yum would
> warn you about the danger of such actions?
> 

I believe I would want an ignore completely option.  So gpgcheck=2 won't 
install without one, gpgcheck=1 warns you, and gpgcheck=0 completely ignores it.

> How annoying would that be to everyone?
> 

very

> And would it really matter?
> 

When we first started installing RedHat 9.0, somehow we didn't have their 
public key, or one of their public keys.  I don't know how it happened, but 
about half of the packages we installed yelled at us.
Let's say that happens again, then none of our updates would work.

Also, we don't currently use a key for the packages we make here (which is 
quite a few), this would cause a lot of undue concern if every time someone 
installed one of our packages, they were warned.  Granted we could start doing 
that, but then we would also have to remake all of the packages we have, as 
well as convince all the other programmers to put it in theirs.

> are gpgsigs as ignored as I think they are?
> 

By the average user, yes.  But you're talking to the main sysadmins here.

My final vote, as long as we can change it in the yum.conf file, I'm not too 
worried about what you do as default :)

Troy
-- 
__________________________________________________
Troy Dawson  dawson at fnal.gov  (630)840-6468
Fermilab  ComputingDivision/OSS  CSI Group
__________________________________________________



