On Thu, 23 Jul 2009, Kelvin Raywood wrote:
<snip>
>> Of course in our setup all the relevant machines are centrally managed by
>> us so we don't have to worry about user-admin'd boxes and can simply
>> arrange to sync over new .repo files from our nightly hack-things-about
>> scripts... :-)
>
> We also have no problem with our centrally-managed machines but it did
> require that we (and you) do something rather than nothing.

All I was saying was that putting the rpms signed with a new key into a
different repo (as you say Fedora did) would have required us (if not you)
to do more. No solution would have required _us_ to do nothing since we
don't use the standard .repo files.

> For "user-admin'd boxes" I've sent an announcement asking people to
> import the new keys manually. We have a mechanism to identify PCs on
> our network that are failing their nightly updates, and will contact the
> owners to remind them of what they need to do.

Perhaps the problem is that turning on signature checking is a fairly
common edit but still prevents the update of .repo files for people who
otherwise made no changes.

If your users' boxes also point at a repo you control then you can stick a
package in there (signed by a key they already have!) which does the new
key imports etc and tell them to install it...
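
An added example, not part of the original message: a check an admin could run to find repo sections that enforce signature checking but still do not list the new key, which is the situation described above for boxes with locally edited .repo files. The repo names, key file names and the `.rpmnew` convention for an unreplaced config file are assumptions; the sample files are constructed.

```shell
#!/bin/sh
# Added example. Repo names, key names and paths are constructed.
# Print "<file> <section> rpmnew=<yes|no>" for every section in DIR/*.repo that
# has gpgcheck=1 but whose gpgkey= value does not mention NEWKEY.
stale_sections() {
    dir=$1; newkey=$2
    for f in "$dir"/*.repo; do
        [ -f "$f" ] || continue
        # Assumption: a locally edited .repo file was kept and the packaged
        # version was written beside it as <name>.rpmnew.
        if [ -f "$f.rpmnew" ]; then pending=yes; else pending=no; fi
        awk -v key="$newkey" -v tag="${f##*/}" -v pending="$pending" '
            function flush() {
                if (sect != "" && check && index(keys, key) == 0)
                    print tag, sect, "rpmnew=" pending
            }
            /^\[/                     { flush(); sect = $0; check = 0; keys = ""; inkey = 0; next }
            /^gpgcheck[ \t]*=[ \t]*1/ { check = 1; inkey = 0; next }
            /^gpgkey[ \t]*=/          { keys = $0; inkey = 1; next }
            inkey && /^[ \t]+[^ \t]/  { keys = keys " " $0; next }  # continuation line
                                      { inkey = 0 }
            END                       { flush() }
        ' "$f"
    done
}

# Write constructed sample repo files into directory $1.
make_sample() {
    cat > "$1/edited.repo" <<'EOF'
[base]
name=Constructed base repo
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-old
[extras]
name=Constructed extras repo
gpgcheck=0
EOF
    : > "$1/edited.repo.rpmnew"
    cat > "$1/fresh.repo" <<'EOF'
[updates]
name=Constructed updates repo
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-old
       file:///etc/pki/rpm-gpg/RPM-GPG-KEY-new
EOF
}

demo=$(mktemp -d); make_sample "$demo"; stale_sections "$demo" RPM-GPG-KEY-new; rm -rf "$demo"
```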