Subject: | |
From: | |
Reply To: | |
Date: | Mon, 8 Oct 2012 10:52:32 +0100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Fri, 5 Oct 2012, SCHAER Frederic wrote:
> Hi,
>
> I'm trying to install some software which requires a jdk, and the latest one is set to be installed... but installation fails
> because I have enabled gpg signature check, and that rpm isn't signed : is this a bug, or a feature ?
>
> Error :
> # yum install jdk.x86_64
> (...)
> Package jdk-1.6.0_35-fcs.x86_64.rpm is not signed
>
> If this is a feature, do how should security updates be applied using yum ?
It is a "feature".
Sun/Oracle build these packages, not SL,
and they are built with rpm version 3 which cannot be (re)signed
(there is/was some work around for the 32bit rpms,
but no known solution for the x86_64 packages).
> I would assume it is a security risk to disable gpg check on erratas, isn't it ?
I would agree.
I hand-install these packages with yum --nogpgcheck
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
[log in to unmask] http://www.dpmms.cam.ac.uk/~werdna
|
|
|