I'd like to try out LibreOffice so I downloaded and unpacked the rpms into a new folder and following the readme instructions did
# su -c 'yum install *.rpm'
which produced a long list of packages and depchecks, apparently successfully but then gave:
Install 50 Package(s)
Total size: 436 M Installed size: 436 M Is this ok [y/N]: y Downloading Packages:
Package libobasis3.3-en-US-base-3.3.0-6.x86_64.rpm is not signed [dave@davehost RPMS]$
I know how to disable gpg checking in a .repo file but don't know how to deal with it here where there doesn't seem to be one. Ideas? F14 if it matters.
Dave
On Wed, 2011-01-26 at 12:58 -0800, Dave Stevens wrote:
Package libobasis3.3-en-US-base-3.3.0-6.x86_64.rpm is not signed [dave@davehost RPMS]$
I know how to disable gpg checking in a .repo file but don't know how to deal with it here where there doesn't seem to be one. Ideas? F14 if it matters.
yum --nogpg install ...
poc
On Wednesday, January 26, 2011 01:16:36 pm Patrick O'Callaghan wrote:
On Wed, 2011-01-26 at 12:58 -0800, Dave Stevens wrote:
Package libobasis3.3-en-US-base-3.3.0-6.x86_64.rpm is not signed [dave@davehost RPMS]$
I know how to disable gpg checking in a .repo file but don't know how to deal with it here where there doesn't seem to be one. Ideas? F14 if it matters.
yum --nogpg install ...
poc
Thanks, naturally about two seconds after sending the post I was magically able to see the part of the man page that had eluded me. But another difficulty cropped up - abundant conflicts with OO packages, anyone have experience with this? Do I need to uninstall OO to get around this?
Dave
On 01/27/2011 02:28 AM, Dave Stevens wrote:
I know how to disable gpg checking in a .repo file but don't know how to deal with it here where there doesn't seem to be one. Ideas? F14 if it matters.
yum --nogpgcheck foo*.rpm would work. Note that the Fedora 15 version has a change that doesn't check for gpg signatures for local packages by default. Yum still checks gpg signatures for repo packages.
Rahul
On Thu, 2011-01-27 at 03:39 +0530, Rahul Sundaram wrote:
the Fedora 15 version has a change that doesn't check for gpg signatures for local packages by default
That doesn't sound very wise.
Rahul Sundaram <metherid <at> gmail.com> writes:
On 01/27/2011 03:13 PM, Tim wrote:
On Thu, 2011-01-27 at 03:39 +0530, Rahul Sundaram wrote:
the Fedora 15 version has a change that doesn't check for gpg signatures for local packages by default
That doesn't sound very wise.
It is configurable.
Rahul
It should be the other way around.
JB
Rahul Sundaram wrote:
the Fedora 15 version has a change that doesn't check for gpg signatures for local packages by default
Tim:
That doesn't sound very wise.
Rahul Sundaram:
It is configurable.
It still doesn't sound very wise. Good that it's an option, but bad as a default. Perhaps we should change all the security options to off-by-default?
This isn't Windows.
One of the better things about Linux is how things are installed. You can check the RPM before installation, to see what it contains and where it will put it. Packages are signed, as part of the fight against tampering and forgeries, and this signing is checked.
On 01/27/2011 05:16 PM, Tim wrote:
It still doesn't sound very wise. Good that it's an option, but bad as a default. Perhaps we should change all the security options to off-by-default?
yum localinstall is really no different from rpm -ivh in that aspect except for dependency resolving. Anyway, not my decision and a bug report has been filed. So redirect feedback there.
Rahul
On Thu, 2011-01-27 at 17:47 +0530, Rahul Sundaram wrote:
yum localinstall is really no different from rpm -ivh in that aspect except for dependency resolving
When did rpm stop checking for signatures, by default?
On 01/27/2011 06:40 PM, Tim wrote:
On Thu, 2011-01-27 at 17:47 +0530, Rahul Sundaram wrote:
yum localinstall is really no different from rpm -ivh in that aspect except for dependency resolving
When did rpm stop checking for signatures, by default?
RPM checks and posts a mostly ignored warning but doesn't prevent installation of any packages because of that.
Rahul
-
Dave Stevens -
JB -
Patrick O'Callaghan -
Rahul Sundaram -
Tim