[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: retiring gpg-pubkey packages



Hi,

On Fri, Jun 01, 2007 at 08:03:27AM -0700, Steve G wrote:
> I was also looking over the "yum list extras" and noticed something. It ignores
> the gpg-pubkey packages.
> 
> [root ~]# rpm -q gpg-pubkey
> gpg-pubkey-db42a60e-37ea5438
> gpg-pubkey-731002fa-400b9109
> gpg-pubkey-db42a60e-37ea5438
> gpg-pubkey-4f2a6fd2-3f9d9d3b
> gpg-pubkey-1ac70ce6-41bebeef
> gpg-pubkey-db42a60e-37ea5438
> 
> Do we have any utility that identifies old keys that are no longer needed? Seems
> like you'd want to carry only the latest for security reasons.

How should the system know whether it is needed or not? You may have
not pulled yet a single package from the repo in question (like
rawhide, ATrpms etc), so it boils down to a matter of site policy.

In theory, if all keys are mentioned in the yum config files, you can
remove all and let yum get back only the ones that are registred in
there.
-- 
Axel.Thimm at ATrpms.net

Attachment: pgpaLoVyOe8PK.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]