Bill Davidsen wrote: > If there is a simple explanation of why these are not combined into > a single package, I would like to hear it. Let's use Fedora 9 as an example. I believe the current fedora-release package in updates is 9-2. That contains the old key and yum repo files which point to the current URLs. An updated fedora-release package will contain the new key and repo files with the new URLs (where all of the packages that have been re-signed with the new key are located). On the first yum update, this package will get installed (from the current updates URL, and signed with the old key). It will require a second yum update to begin using the new repo files with the updated URLs to see the newly signed packages (which will also cause yum to import the new key¹). A further update of fedora-release from the new location is expected to remove the old key from the rpm database. > If it's complex or secret that's fine, I don't see the obvious > problem combining them, but I don't claim great RPM expertise. No secret at all. The plan is outlined at: http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001627.html ¹ There is a possibility that this process could change slightly as currently PackageKit does not handle updating the new key properly. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I have never let my schooling interfere with my education. -- Mark Twain (1835-1910)
Attachment:
pgpmbeQhJgloB.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines