RPM -- Re: Force RPM to check GPG key

Re: Force RPM to check GPG key

Subject: Re: Force RPM to check GPG key

From: George Machitidze <giomac@xxxxxxxxx>

Date: Tue, 17 Apr 2012 17:14:34 +0400

In-reply-to: <CACB_2Gby9Zm0ewVdJqzp2D8vKu=5Os-ohKqbZVutpsgOyxuHKg@mail.gmail.com>

References: <CA+nv05jwwj0ipTtWmBpHBAhHAZHQ83Yxb=ffUWtq7=-R0ATvBA@mail.gmail.com> <CACB_2Gby9Zm0ewVdJqzp2D8vKu=5Os-ohKqbZVutpsgOyxuHKg@mail.gmail.com>

I need to have this option by default without adding command line option to rpm. yum is checking for GPG key by default in case gpgcheck is not set to 0.

Maybe it's possible through rpmrc, but I couldn't find option for that.

Best regards,
George Machitidze

On Tue, Apr 17, 2012 at 5:09 PM, Greg Swift <gregswift@xxxxxxxxx> wrote:

On Tue, Apr 17, 2012 at 07:43, George Machitidze <giomac@xxxxxxxxx> wrote:
> Hi
>
> I want to force rpm during the package update or install to check if RPM
> package is signed (public key is imported).
> Is there a safe way to do this?

So you can add -K|--checksig to your installation command if using rpm
directly (ie: rpm -ivhK package.rpm)

I don't know how one would force that as a system wide configuration
option. Setting it as an alias doesn't seem to work because of other
non install related commands not liking their options after the -K.

With yum you can set a repository to gpgcheck=1 which will force it
unless manually disabled.
_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxxxxx
http://lists.rpm.org/mailman/listinfo/rpm-list

_______________________________________________ Rpm-list mailing list Rpm-list@xxxxxxxxxxxxx http://lists.rpm.org/mailman/listinfo/rpm-list