>on 5-12-2008 5:54 AM Jason Pyeron spake the following: >>> -----Original Message----- >>> Behalf Of Ralph Angenendt >>> >>> Jason Pyeron wrote: >>>> I was just about to ask the same, but for packages I just rolled. >>>> >>>> Is there a cmd line swith or env var? >>> Why not sign packages you roll? It really isn't that hard. RPM does have >> >> It's a throw away project on a throwaway vm instance. >> >>> issues with large keys, though - Key on the top1000 list aren't usable >>> :) - I think 64kb is the maximum size. >>> >>> And: Setting gpgcheck to 0 in yum.conf should disable global gpg >>> checking, you can turn it on for each repository in the .repo files >>> under /etc/yum.repos.d/. So the choice of how you shoot yourself in the >>> foot with unsigned packages is up to you >:) >> >> But there are no (temporary) options from the command line? >> >I haven't found any. Something like --nosign or --ignore-nokey would be great. I generally copy /etc/yum.conf to /etc/yum.localinstall.conf and change the gpgcheck flag to 0, then use "yum -c /etc/yum.localinstall.conf localinstall package" to install any unsigned packages. I've only used it with packages from a know good source (mostly locally built). Cliff