yum-presto not on by default
drago01
drago01 at gmail.com
Sat Sep 26 08:27:14 UTC 2009
On Sat, Sep 26, 2009 at 9:53 AM, Kevin Kofler <kevin.kofler at chello.at> wrote:
> drago01 wrote:
>> As for the GPG signature ... can't the drpm itself be signed?
>
> If the metadata is getting signed, it basically is already. The metadata
> contains a checksum of the DRPM, so if the metadata passes the signature
> check and the DRPM matches the checksum, the DRPM's integrity and
> uncompromisedness is verified. So I think it's safe to disable the checksum
> check for the rebuilt RPMs entirely.
Well if this is the case then we can simply not compress the generated
rpms, problem solved.
More information about the fedora-devel-list
mailing list