> Not updating is entirely sensible and sounds like the best default position. > Installing a package you'd expect to be signed when it isn't signed should > ring alarm bells. I agree that my first answer was probably wrong, even with all disclaimers and warnings. I thought of a technical way (--nogpgcheck) to solve the issue, whereas the right answer was definitely procedural (as you point out, not updating, what I would have done on my own systems). I apologize, but I did my best... > Freedom includes being free to make poor decisions. I fully agree with you. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos