On Mon, 2007-06-11 at 15:11 -0400, Bill Nottingham wrote:
rob myers (rob.myers(a)gtri.gatech.edu) said:
> why not have mash write a signed rpm out instead of just warning users
> when a package has cached signatures, but no signed rpm?
>
> lightly tested patch attached.
That would require the user running mash to authenticate to koji
with a fairly high level of privelege, which seemed somewhat outside of
the scope of it.
that makes sense. is there a more natural place for this sort of
housekeeping?
rob.