On Sat, Jul 23, 2005 at 01:20:24AM -1000, Warren Togami wrote: > I *like* that yum enforces this strictly, but are there any good reasons > why we should allow packages in a repo to be signed by two or more valid > keys rather than a single key? [...] > Did we screw up by not resigning everything in base before pushing FC4, > or is this really a yum config problem? > Any ideas how we should fix this now? Should we resign the entire repo > and push that to mirrors? [...] > Or maybe less radically update yum so the repo file allows both keys? > (Use this as a one-time kludge for FC4, and in the future make sure each > repo uses *one* key.) The very latest version of yum, 2.3.4, can handle multiple GPG keys. FC4 has 2.3.2; perhaps updating it is the easiest solution. -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> Current office temperature: 78 degrees Fahrenheit.