Date: Tue, 6 Aug 2002 11:29:28 +0200 From: Radoslaw Stachowiak <radek@...er.pl> To: owl-users@...ts.openwall.com Subject: gpg rpm signing - auto upgrade AFAIK rpm files (/pub/Owl/current/i386/RPMS) are not sgined by pgp/gpg. I think its a good idea and can help a lot people which dont build from sources but use precompiled rpm packages. It can also help to use some kind of automated upgrade procedures (yeah, i know, i know ;) its not secure :) which is: 1. fetch rpm files (e.g. use mirror command from lftp) 2. check signatures (rpm --checksig) 3. use rpm -F --test *rpm - to test for conflicts/broken deps 4. do upgrade -F (without --test) or just email admin list of (already fetched and verified) packages ready to upgrade. -- radoslaw.stachowiak.........................................http://alter.pl/
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.