On 02/27/2012 09:01 AM, Dmitry Butskoy wrote: >> >> Can I have you check again with rpmdev-checksig? The zlib rpm you >> listed below is signed by TUV and by SL, perhaps it is only checking the >> one key. > > Could you please explain how you sign these packages? > > According to the rpm(8) man page, >> SIGNING A PACKAGE >> rpm --addsign|--resign PACKAGE_FILE ... >> >> Both of the --addsign and --resign options generate and insert new sig‐ >> natures for each package PACKAGE_FILE given, replacing any existing >> signatures. There are two options for historical reasons, there is no >> difference in behavior currently. > > Note "replacing any existing signatures". IOW, after SL-sign, any > previous TUV-sign data should be removed, isn't it? > > A broken "rpm -K" behaviour breaks my scripts and certainly I'm > impressed a little... :-/ > > > Regards, > Dmitry Butskoy We are just running rpm --addsign Pat -- Pat Riehecky Scientific Linux Developer