gpgcheck in smart
Divya Vyas
dvyas at mvista.com
Mon Aug 10 11:10:22 PDT 2015
If rpm verifies the gpg signature and it does not matches or key not
available , then will it give warning or error/quit?
On Mon, Aug 10, 2015 at 9:03 PM, Mark Hatle <mark.hatle at windriver.com>
wrote:
> On 8/10/15 2:22 AM, Divya Vyas wrote:
> > Hi,
> >
> > I am adding rpm-md type channel in smart channels. I want to verify gpg
> > signature for rpms coming from smart tool. How I can do that ? For yum I
> can add
> > gpgcheck=1 in configuration file. Here is smart tool
> /var/lib/smart/config is
> > converted file Hence cannot directly add into it.
> >
> > Is there any command line way to add it? If I do gpgcheck=1 what will
> happen?
>
> RPM(5) always verifies the signatures before allowing an installation. So
> while
> smart may download something that has not been verified and pass it to RPM,
> RPM(5) will verify it before installation... (and before reading additional
> metadata preventing corrupted RPMs from doing bad things...)
>
> --Mark
>
> > Thanks,
> > Divya Vyas
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.labix.org/pipermail/smart-labix.org/attachments/20150810/8f0c1549/attachment.htm>
More information about the Smart
mailing list