Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 6 Aug 2002 11:29:28 +0200
From: Radoslaw Stachowiak <radek@...er.pl>
To: owl-users@...ts.openwall.com
Subject: gpg rpm signing - auto upgrade

AFAIK rpm files (/pub/Owl/current/i386/RPMS) are not sgined by pgp/gpg.
I think its a good idea and can help a lot people which dont build from
sources but use precompiled rpm packages.

It can also help to use some kind of automated upgrade procedures (yeah,
i know, i know ;) its not secure :) which is:

1. fetch rpm files (e.g. use mirror command from lftp)
2. check signatures (rpm --checksig) 
3. use rpm -F --test *rpm - to test for conflicts/broken deps
4. do upgrade -F (without --test) or just email admin list of (already
fetched and verified) packages ready to upgrade.

-- 
radoslaw.stachowiak.........................................http://alter.pl/

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.