On Sun, 24 May, 2020 at 19:43, Danishka Navin <danishka@xxxxxxxxx>
wrote:
On Sun, May 24, 2020 at 6:53 PM berend <berend.de.schouwer@xxxxxxxxx>
wrote:
On Sun, 24 May, 2020 at 18:36, Danishka Navin <danishka@xxxxxxxxx>
wrote:
> Hi,
>
> Is it possible to find out all installed packages which were not
> signed (installed by ignoring gpgcheck).
Start with:
rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all
You may need to cross-check the key ID to verify to find packages
that
were signed, but you don't have the key for.
Thanks Berend.
Btw, is there away to stop package installation with
--nosignatureoption?
Idea is it restricts installation packages without correct signature.
Not really. Package installation requires root access anyway. Root can
just extract the RPM archive manually using cpio and skip every single
RPM sanity check.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
