on 5-12-2008 5:54 AM Jason Pyeron spake the following:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Ralph Angenendt Sent: Monday, May 12, 2008 7:55 AM To: centos@centos.org Subject: Re: [CentOS] OT: YUM, RPM and PGP keys
Jason Pyeron wrote:
I was just about to ask the same, but for packages I just rolled.
Is there a cmd line swith or env var?
Why not sign packages you roll? It really isn't that hard. RPM does have
It's a throw away project on a throwaway vm instance.
issues with large keys, though - Key on the top1000 list aren't usable :) - I think 64kb is the maximum size.
And: Setting gpgcheck to 0 in yum.conf should disable global gpg checking, you can turn it on for each repository in the .repo files under /etc/yum.repos.d/. So the choice of how you shoot yourself in the foot with unsigned packages is up to you >:)
But there are no (temporary) options from the command line?
I haven't found any. Something like --nosign or --ignore-nokey would be great.