rpm --nosignature reversed meaning
gotar at polanet.pl
Tue Aug 30 13:03:25 CEST 2016
Since we got the answer for this issue - th-admin, please publish separate GPG files.
As for the reversed meaning of --nosignature, assistance required.
Or RFC on enabling them unconditionally, following upstream rpm5.
On Tue, Aug 30, 2016 at 06:56:11 -0400, Jeffrey Johnson wrote:
>> The same problem, but completely wrong diagnosis.
>> ~: rpm --import PLD-3.0-Th-GPG-keyRSA.asc
>> ~: rpm --import PLD-3.0-Th-GPG-keyDSA.asc
>> ~: rpm -q gpg-pubkey
>> That should be done when importing PLD-3.0-Th-GPG-key.asc - two distinct
>> keys, DSA and RSA. As you see I split them manually and now it verifies
>> correctly, so rpm simply can't handle properly multi-key import.
> Yep: RPM has never handled subkeys nor concatenated armored pubkeys.
> Don???t do that!
> (i.e. use separate imports for each pubkey instead) should suffice.
Tomasz Pala <gotar at pld-linux.org>
More information about the pld-devel-en