Scott R Ehrlich wrote: > Quoting Karanbir Singh <mail-lists at karan.org>: > >> Scott Ehrlich wrote: >>> Media checked fine with both md5sum and sha1sum. I believe I obtained >>> my DVD version from kernel.org, and were obtained within the last couple >>> of months. >> >> what does this say : 'rpm -qf /etc/yum.repos.d/CentOS-Base.repo' > > sudo rpm -qf /etc/yum.repos.d/CentOS-Base.repo > centos-release-5-0.0.el5.centos.2 > > >> and what does this say : 'rpm -V centos-release' > > this shows nothing. Before we take this any further ... was the key you imported to a repository other than an official CentOS one. (for example, RPMForge, ATRPMS, etc.). The default CentOS-Base.repo has this line in it: gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5 All packages in the official repos should be signed with that key ... if you only have the CentOS Default repos enabled, you should not have been able to install a package that needed updating without yum asking you if you wanted to install that key. If you had to add the CentOS-5 key ... then something is not setup in the default way. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20070712/39e50c03/attachment-0005.sig>