These instructions are insecure, set you up for a supply-chain attack: a) RPMs are loaded over plain "http" (no "https") b) RPM signature is not checked A more secure sequence would: - wget https://urldefense.proofpoint.com/v2/url?u=https-3A__somewhere_rpm-2Dsignature-2Dkey&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=OuX1i3RoFfYAZJrzTBCVE8ywgKYMw1puabTsB1I4ljM&e= - independantly verify this signature - rpm import it - rpm check signature before installing (or use yum, confirm package signature is enabled) K.O. On Thu, Feb 04, 2021 at 03:42:31PM -0600, Ching Him Leung wrote: > I have not tried RHEL yet, but I have some success converting from CentOS 8 to Springdale 8 on a VM. Here are some instruction I found on rocky linux forum > > dnf update -y > rpm -e --nodeps centos-backgrounds centos-indexhtml centos-gpg-keys centos-linux-release centos-linux-repos centos-logos > rpm -ivh \ > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Dappstream-2D8-2D0.sdl8.2.noarch.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=3awxciVrCSZEziaUehriWnMttfwlCRKuMKjepx6bbz0&e= \ > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Dcore-2D8-2D0.sdl8.2.noarch.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=xBX0ndIbr0GKnXILKqPO-qmzF3uRMRJoqW64SxEgvjE&e= \ > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Drelease-2D8.3-2D0.42.el8.x86-5F64.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=EB5q0Mf4XnrLhTF5rmgjfjnR71LWhzI4xDHIRPwvwx8&e= > dnf distro-sync -y > > the distro-sync will reinstall every package > > Ching Him -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada