On Thu, 2003-04-10 at 17:45, Miles Egan wrote: > We have a group of sysadmins that build packages for us and we'd like to > make sure that only packages built by one of the approved maintainers > can be installed. hmm. so would you want something like: keyids: keyid1 keyid2 keyid3 for each repo - if a pkg sig doesn't match one of those keyids then it exits and complains? What if the gpg-pubkey is even in the rpmdb? -sv
