Dne 12. 03. 19 v 19:49 Kevin Fenzi napsal(a): > We need to revamp this entirely, and as luck would have it, we have a plan: > > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/5UVGSBRLX352A4S2CBZ2CGBXPAGQTYKB/ I am afraid that this will not help in this situation, because even if $releasever will be equal to "rawhide" you still will have in repo file: gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch which will have prior the branching *content* of F30 gpg key. Then after branching (let say 4 weeks later) you will run 'dnf upgrade'. It will try to download new fedodra-gpg-keys package, which will be signed by F31 gpg key. IMO the only solution to this is: * create new gpg keys several months before branching and add it to fedodra-gpg-keys package and * gpgkey in repo file lists both gpg keys or * sign rpm packages in rawhide by both keys - and I'm afraid our infrastructure is not ready for this. Miroslav
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
