test local rpm file in place for consistency, size, etc.

Andre Robatino robatino at fedoraproject.org
Wed Nov 23 04:44:09 UTC 2011

Andre Robatino <robatino <at> fedoraproject.org> writes:

> The old keys are available at https://fedoraproject.org/en/keys under "OBSOLETE
> KEYS" if you want to download and import them.

Should add that by default yum checks RPMs against ANY of your imported keys, so
you should probably uninstall obsolete keys like this after using them.
Importing a key creates a package with a name like
"gpg-pubkey-a82ba4b7-4e2df47d" which you can remove in the usual way. You can
identify which key is which by running "rpm -qi gpg-pubkey-a82ba4b7-4e2df47d |
grep ^Summary", for example. I filed
https://bugzilla.redhat.com/show_bug.cgi?id=422221 a long time ago for yum to
check that a package is signed with a specific repo's key, but it hasn't been
implemented yet.

More information about the users mailing list