tc3t2 up2date/gpg problem
Alexandre Oliva
aoliva at redhat.com
Thu Jul 22 18:19:38 UTC 2004
On Jul 22, 2004, Harald Hoyer <harald at redhat.com> wrote:
> Tony Molloy wrote:
>> As far as I know many of the packages in Rawhide are not signed. Run
>> up2date-config and disable GPG checking.
> /usr/share/doc/fedora-release-2/RPM-GPG-KEY-fedora-rawhide
Yeah, that's for rawhide packages that are signed. But if the key
bearer doesn't happen to run a key signing session between the time a
package is built and the time it's pushed out to rawhide, it will go
out unsigned. That's quite annoying. It would be nice if we could
have anything that goes through the build system signed with a
separate, very weak key, just so that every package in rawhide was
guaranteed to have at least one signature, which would make it easy to
roll daily up2dates onto many boxes.
Personally, what I do is to have a local copy of rawhide and, after my
daily sync, I run a script that looks for unsigned packages among
those recently modified and signs them with my own key. Then, I
up2date all of my home boxes, then rsync again to get the pristine,
unsigned packages back. Not very convenient, but such is life :-)
--
Alexandre Oliva http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist oliva@{lsd.ic.unicamp.br, gnu.org}
More information about the test
mailing list