retiring gpg-pubkey packages
Axel Thimm
Axel.Thimm at ATrpms.net
Sat Jun 2 07:10:28 UTC 2007
Hi,
On Fri, Jun 01, 2007 at 08:03:27AM -0700, Steve G wrote:
> I was also looking over the "yum list extras" and noticed something. It ignores
> the gpg-pubkey packages.
>
> [root ~]# rpm -q gpg-pubkey
> gpg-pubkey-db42a60e-37ea5438
> gpg-pubkey-731002fa-400b9109
> gpg-pubkey-db42a60e-37ea5438
> gpg-pubkey-4f2a6fd2-3f9d9d3b
> gpg-pubkey-1ac70ce6-41bebeef
> gpg-pubkey-db42a60e-37ea5438
>
> Do we have any utility that identifies old keys that are no longer needed? Seems
> like you'd want to carry only the latest for security reasons.
How should the system know whether it is needed or not? You may have
not pulled yet a single package from the repo in question (like
rawhide, ATrpms etc), so it boils down to a matter of site policy.
In theory, if all keys are mentioned in the yum config files, you can
remove all and let yum get back only the ones that are registred in
there.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070602/a5af83d5/attachment.sig>
More information about the fedora-devel-list
mailing list