Re: [rhn-users] Sources from up2date for already downloaded binaries?

On Sun, 25 May 2003, Lloyd Zusman wrote:

> On Sat, May 24, 2003 at 11:14:15PM -0700, Hattie Rouge wrote:
> > 
> > [ ... ]
> > > [mailto:rhn-users-admin redhat com] On Behalf Of Lloyd Zusman
> > >
> > > [ ... ]
> > >
> > > But how do you know you're getting the source RPM that 
> > > exactly corresponds to the binaries you have already 
> > > downloaded via up2date?
> > 
> > I have to admit I don't know for sure.  The only sure way would be to
> > build a binary from source and compare it.  I haven't done that.  But I
> > have checked many of the src.rpm packages and they are the same revision
> > number as the binaries.  I'm pretty sure.  
> >
> > I also made sure I took all of them from Redhat's web site.
>
> Well then, if that's all that you need do, then I might as well use
> the pbone RPM server and just find the source RPM's for the exact
> version of the binaries that I have.
> This is a lot easier than I thought, then.
> Thanks.

All source and binary RPMs are signed with Red Hat's private key.
rpm -Kv <rpm/srpm filename>
...will give you signature information.

Also, rpm -qip <rpm/srpm filename>
or rpm -qi <installed rpm name>
...will give you some neat info. For example, build host and build
date. Those two should be the same for the source rpm and its resulting
binary(ies). They will also be the same version and release.

I hope that helps.

 /odd Warner                                    <taw {redhat,pobox}.com>
          Bit Twiddler - Operation Cheetah Flip - Red Hat Inc.
---------------------gpg info in the message headers--------------------
Be kind on Usenet, some posters are only eleven years old.
-- Guido van Rossum
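
Added example (not part of the original message and not Red Hat's own tooling): a shell script that applies the checks described in the reply above to one binary/source pair. It goes slightly beyond the message by also comparing the binary's SOURCERPM header tag with the source package's name, version and release; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: check that a source RPM is the one a binary RPM was built from.
# Usage: sh verify-srpm.sh <binary.rpm> <source.src.rpm>

# Pure comparison of metadata already read from the two packages.
# Args: binary's SOURCERPM tag, file name derived from the SRPM's own header,
#       binary's build host, SRPM's build host.
# Returns 0 on match, 1 on SOURCERPM mismatch, 2 on build host mismatch.
compare_meta() {
    [ "$1" = "$2" ] || { echo "SOURCERPM mismatch: binary names '$1', got '$2'" >&2; return 1; }
    [ "$3" = "$4" ] || { echo "build host mismatch: '$3' vs '$4'" >&2; return 2; }
    return 0
}

# Read one header tag from a package file (not from the installed database).
tag() { rpm -qp --qf "%{$2}" "$1" 2>/dev/null; }

check_pair() {
    bin=$1
    src=$2
    # Digest/signature check first; a package that fails it is not worth comparing.
    rpm -K "$bin" "$src" >/dev/null || { echo "rpm -K failed" >&2; return 3; }
    want=$(tag "$bin" SOURCERPM)
    have="$(tag "$src" NAME)-$(tag "$src" VERSION)-$(tag "$src" RELEASE).src.rpm"
    compare_meta "$want" "$have" "$(tag "$bin" BUILDHOST)" "$(tag "$src" BUILDHOST)"
}

# Only act when called with two package files, so the functions can be sourced.
if [ $# -eq 2 ]; then
    check_pair "$1" "$2" && echo "OK: $2 is the source for $1"
fi
```

rpm -K also succeeds on an unsigned package whose digests are intact, so run rpm -Kv once by hand and confirm that a signature line is present and was made by the key you expect.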

