On Sat, Jan 1, 2022 at 5:51 AM Vitaly Zaitsev via devel
<devel(a)lists.fedoraproject.org> wrote:
On 31/12/2021 20:03, Nico Kadel-Garcia wrote:
> Sounds like, if this is enabled, they'll need a GPG key associated
> with their personal repository.
Locally built packages are always unsigned.
They don't have to be, but yes, by default they are.
And note, you can already configure DNF to require GPG validation of
local packages by setting localpkg_gpgcheck=1 in dnf.conf.
--
真実はいつも一つ!/ Always, there's only one truth!