Unsigned packages in yum in FC4T1
Nils Philippsen
nphilipp at redhat.com
Mon Apr 4 07:18:52 UTC 2005
On Sun, 2005-04-03 at 21:31 -0700, Pete Zaitcev wrote:
> Hi, Guys:
>
> Does anyone have an idea what is up with all the "unsigned packages"?
> I have installed FC4T1, but running "yum update" on it gets stuck
> with this:
>
> ........
> Downloading Packages:
> unsigned package gdb-6.3.0.0-1.9.i386.rpm
>
> (it's not important which package is this, there are literally dozens
> and dozens of these)
>
> Seth, can we make yum not to abort when it sees an unsigned package?
> Or at the very least it would be a huge improvement if it printed ALL
> unsigned packages before quitting, and not just the first one.
We had that discussion with FC3 devel (or was it FC2?) already -- I
argued that we should somehow ensure that all packages leaving the build
system (i.e. getting pushed) would be signed with at least some key to
ensure package integrity while others argued that this would somehow
suggest a level of quality in the package which isn't given. The
discussion didn't lead anywhere tangible unfortunately.
Nils
--
Nils Philippsen / Red Hat / nphilipp at redhat.com
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
More information about the fedora-devel-list
mailing list