Subject: | |
From: | |
Reply To: | |
Date: | Sun, 25 Dec 2005 06:24:49 +1000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hi John,
> I am trying to figure out a way to use gpgcheck=1 in a yum repo given
> the presence of unsigned packages. At the moment it seems to me that
> the valuable gpgcheck feature is rendered useless as soon as one package
> is unsigned, because yum will refuse to update or install anything if
> one package (to be updated) is unsigned and gpgcheck=1 is set. In order
> to automate updates on a large number of machines I have to do
> gpgcheck=0. Does the "tolerant" flag affect this behavior? The man
> page is silent on this (and many other features). It only gives an
> example of the kind of behavior "tolerant" causes.
>
> One idea for a solution would be to have my own local gpgcheck=0
> repository of unsigned packages (since they are very few) and use
> gpgcheck=1 on other repositories. I am not sure how to do this however.
> I can create a local repository containing only the java sdk package,
> but how do I tell yum to use this repo for java-sdk instead of sl-
> errata, but use sl-errata for everything else?
If you were to create the repo, named something like "[java-sdk-unsigned]",
then it's a simple matter on the command line to use:
# yum --enablerepo=java-sdk-unsigned blah blah
Michael.
|
|
|