On 04/21/2011 08:34 AM, Mathieu Baudier wrote: >> Not updating is entirely sensible and sounds like the best default position. >> Installing a package you'd expect to be signed when it isn't signed should >> ring alarm bells. > > I agree that my first answer was probably wrong, even with all > disclaimers and warnings. > > I thought of a technical way (--nogpgcheck) to solve the issue, > whereas the right answer was definitely procedural (as you point out, > not updating, what I would have done on my own systems). > > I apologize, but I did my best... > >> Freedom includes being free to make poor decisions. > > I fully agree with you. Maybe this would work out: yum --nogpgcheck update libuser-devel then you can update everything else later with gpg on. Although, like I said, this particular issue has now been corrected.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos