Subject: | |
From: | |
Reply To: | |
Date: | Thu, 1 Mar 2012 20:34:20 +0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Dmitry Butskoy wrote:
> Pat Riehecky wrote:
>>
>> We are just running rpm --addsign
New updates form "fastbugs" still have this issue.
Does anybody working on it or at least planning to work? How can I help?
"rpm -K" is something about "security", and any inaccuracy in it looks
too strange...
Note again, that I cannot reproduce such "rpm --addsign" behaviour under
the latest SL-6.2 with all updates installed.
>
> I've performed some tests, playing with my own gpg-key, and I cannot
> reproduce your behaviour. :(
>
> (All tests are under the currrent SL-6.2 x86_64 system).
>
> Each time I do "rpm --addsign", the old sign is always removed (for
> TUV-signed only, broken twice-signed or not signed at all packages).
> Then, "rpm -K" shows "OK", with only my new gpg (just signed) key.
>
> Could you please perform the similar tests somewhere? I wonder how you
> produce such a signed file(s) in your environment. Such results IMO
> should never happen.
Regards,
Dmitry Butskoy
|
|
|