> I don't see it -- this complexifies a simple design -- > generally a bad idea in a *nix world. good word. > 1. Why re-invent the wheel in yum for a key import task which > rpm already does? > > A yum command line version just introduces a possibility for > error it it does anything but wrapper the appropaite rpm > command (probably something along the lines of: > rpm -Uvh gpg-key-RHL-2345678.noarch.rpm > ) I think the general idea I've had is to discourage people from using rpm so they never learn of evil commands like --nodeps and --force So if they do a lot of functions through yum then they stop thinking about it through other interfaces. It's sorta like how no one uses dpkg for installations. > 2. Lots of 'ugly' stuff appears in a raw rpm-qa to the > uninitiated eye but this true lots of places. It is sometimes > good to be ugly -- if you start hiding detail, except pursuant > to a documented yum.conf file setting, or a -q option, you > prevent external clients from being able to use yum in a > command pipeline subshell to do things you and I've not even > dreamed of, yet. I'd be inclined to agree. So I might still do an importkey mechanism - but probably not filter the gpg pubkeys. In fact, it could be very handy to list them come to think of it. now all I need to find out is if I can specify only certain pubkeys to be used during checking. That'd be terribly handy. -sv
