web site updates

[Todd]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

seth vidal wrote:
>> If yum were going to automatically install these keys, I think it
>> should do so to an alternate keyring, like up2date did.  I don't know
>> the most FHS compliant place to locate this, /etc/yum/keyring.gpg or
>> /var/lib/yum/keyring.gpg perhaps.  Then, gpgkeyring would have to be
>> set in /etc/yum.conf.
>
> actually, you can do this for yum 1.0.X:
>
>       gpghome
>               Directory to be used to look for the gpg public key
>               ring default is /root/.gnupg
>
>        gpgkeyring
>               alternative keyring filename. Default is use normal
>               keyring location

Right.  That's what I was suggesting was a possible method if the yum
rpm were going to automatically install any gpg keys.  I've never used
that feature, but I knew it was there from reading the man page (yeah,
I tend to do that still :).

> I don't think it is handy b/c it makes rpm -K's fail if that isn't
> the path set for rpm as well.

That's an even better reason than one's I'd thought of previously to
not do this at all.  And that's just fine with me.  I think there
ought to be some user interaction when setting up one of the prime
security measures guarding against trojan packages.

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
Never take life seriously.  Nobody gets out alive anyway.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQFAGqu2uv+09NZUB1oRAvXSAKC6KF5pG9nCrjGj4aZn/z6gpZGMeACdH6cG
1cesIDNIG/hQdCAO7d/FLhE=
=fHGg
-----END PGP SIGNATURE-----