[system-administrators-guide/17] Edited the Checking a Package's Signature section for clarity.

jhradile jhradile at fedoraproject.org
Mon Oct 22 16:27:35 UTC 2012 

commit 34080f3624c8f4ae6447bc7f6b59a4cca67bde91
Author: Jaromir Hradilek <jhradilek at redhat.com>
Date:   Mon Oct 22 13:40:13 2012 +0200

    Edited the Checking a Package's Signature section for clarity.

 en-US/RPM-Checking_Package_Signatures-Fedora.xml |    9 +++------
 1 files changed, 3 insertions(+), 6 deletions(-)
---
diff --git a/en-US/RPM-Checking_Package_Signatures-Fedora.xml b/en-US/RPM-Checking_Package_Signatures-Fedora.xml
index a9e2167..0292dac 100644
--- a/en-US/RPM-Checking_Package_Signatures-Fedora.xml
+++ b/en-US/RPM-Checking_Package_Signatures-Fedora.xml
@@ -9,12 +9,9 @@
     <primary>RPM</primary>
     <secondary>md5sum</secondary>
   </indexterm>
-  <para>If you wish to verify that a package has not been corrupted or tampered with, you can examine just the md5sum by entering this command at the shell prompt (where <replaceable>&lt;rpm_file&gt;</replaceable> is the file name of the RPM package):</para>
-  <screen>
-<command>rpm -K --nosignature <replaceable>&lt;rpm_file&gt;</replaceable>
-    </command>
-  </screen>
-  <para>The output <computeroutput><replaceable>&lt;rpm_file&gt;</replaceable>: rsa sha1 (md5) pgp md5 OK</computeroutput> (specifically the <emphasis>OK</emphasis> part of it) indicates that the file was not corrupted during download. To see a more verbose message, replace <option>-K</option> with <option>-Kvv</option> in the command.</para>
+  <para>To verify that a package has not been corrupted or tampered with, examine the checksum by typing the following command at a shell prompt (where <replaceable>&lt;rpm_file&gt;</replaceable> is the file name of the RPM package):</para>
+  <screen><command>rpm -K --nosignature <replaceable>&lt;rpm_file&gt;</replaceable></command></screen>
+  <para>If the message <computeroutput><replaceable>&lt;rpm_file&gt;</replaceable>: sha1 md5 OK</computeroutput> (specifically the <emphasis>OK</emphasis> part of it) is displayed, the file was not corrupted during download. To see a more verbose message, replace <option>-K</option> with <option>-Kvv</option> in the command.</para>
   <para>On the other hand, how trustworthy is the developer who created the package? If the package is <firstterm>signed</firstterm> with the developer's GnuPG <firstterm>key</firstterm>, you know that the developer really is who they say they are.</para>
   <indexterm
     significance="normal">

More information about the docs-commits mailing list