FC3T2 up2date - <package> is not signed with a GPG signature
William Hooper
whooperhsd3 at earthlink.net
Tue Sep 28 18:06:10 UTC 2004
John Reiser said:
>> All packages part of full releases and updates to full releases and
>> even package as part of test releases get signatures. The lack of signing
>> is strictly a development branch issue.
>
> Yes: it annoys the testers because the only choices in RHN gui up2date
> are "accept ALL unsigned packages" or "make downloading an on-line activity
> by requiring immediate interaction for EACH unsigned package."
>
> There should be two more options:
>
>
> 1. Wait until all packages have been downloaded before requiring
> interactivity. Dribble the individual unsigned warnings into a list box as
> they are detected, but do not pause for user OK until all packages have
> been downloaded.
up2date --nosig -du
> 2. Automatically omit unsigned packages: from the download if possible,
> else from the install. This may cause other package installls to fail
> because of required dependencies, etc.
How do you know if a package is signed without downloading it?
--
William Hooper
More information about the fedora-test-list
mailing list