Dmitry Butskoy wrote: > Pat Riehecky wrote: >> >> We are just running rpm --addsign New updates form "fastbugs" still have this issue. Does anybody working on it or at least planning to work? How can I help? "rpm -K" is something about "security", and any inaccuracy in it looks too strange... Note again, that I cannot reproduce such "rpm --addsign" behaviour under the latest SL-6.2 with all updates installed. > > I've performed some tests, playing with my own gpg-key, and I cannot > reproduce your behaviour. :( > > (All tests are under the currrent SL-6.2 x86_64 system). > > Each time I do "rpm --addsign", the old sign is always removed (for > TUV-signed only, broken twice-signed or not signed at all packages). > Then, "rpm -K" shows "OK", with only my new gpg (just signed) key. > > Could you please perform the similar tests somewhere? I wonder how you > produce such a signed file(s) in your environment. Such results IMO > should never happen. Regards, Dmitry Butskoy