> Just don't let yum install packages that aren't signed. How about you
> start a rawhide mirror with the following properties: if a package is
> not signed, it won't be in your mirror; you'll keep the previous
> version of such package instead.

Then it would not be a rawhide mirror. It would be a rawhide distortion. Mirror implies an identical reflection. :)

> An alternative is to script a yum wrapper that, when encountering an
> unsigned package, automatically excludes that and retries, until you
> get only signed packages installed. Heck, wouldn't it be way so cool
> if yum could do it all by itself?

You could download the header from the package and look beyond it to see if there are any non-md5/sha1 signatures and if any of those are gpg signatures. However, you won't be able to know if it passes the sig check w/o downloading the whole package. And boy would that suck for the user.

> It's unlikely that signed packages will have dependencies on unsigned
> packages, because of the way signing is done, so odds are that, given
> daily rawhide pushes, you'd be able to move forward quite regularly.

Except that testing would crawl to a halt on the unsigned packages.

> > If yum could provide a lesser degree of verification, by verifying
> > checksums instead of signatures, this wouldn't be a bad thing?
>
> Err... Doesn't it? up2date does, and so does rpm.

yum checks the package checksum and the file checksum, yes.

-sv
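Added example, not part of the original message and not yum's own code: the check the reply describes, listing which digest and signature tags an RPM's signature header declares from only the first bytes of the file. The tag numbers are the ones in rpm's `rpmtag.h`; the function names and the two sample blobs are constructed for illustration. A declared tag only shows a signature is present, so verifying it still needs the full package.

```python
import struct

LEAD_MAGIC = b"\xed\xab\xee\xdb"      # start of the 96-byte RPM lead
HEADER_MAGIC = b"\x8e\xad\xe8\x01"    # start of the signature header
LEAD_SIZE = 96
# Signature-header tag numbers (rpm's rpmtag.h)
DIGEST_TAGS = {269: "SHA1 (header)", 1004: "MD5 (header+payload)"}
SIGNATURE_TAGS = {267: "DSA (header)", 268: "RSA (header)",
                  1002: "PGP/RSA (header+payload)",
                  1005: "GPG/DSA (header+payload)"}

def signature_tags(prefix: bytes):
    """Return (digests, signatures) declared in the signature header index."""
    if len(prefix) < LEAD_SIZE + 16 or prefix[:4] != LEAD_MAGIC:
        raise ValueError("not an RPM lead")
    magic, _reserved, nindex, _hsize = struct.unpack_from(">4s4sII", prefix, LEAD_SIZE)
    if magic != HEADER_MAGIC:
        raise ValueError("signature header magic missing")
    index_start = LEAD_SIZE + 16
    if len(prefix) < index_start + 16 * nindex:
        raise ValueError("prefix too short for the signature index")
    digests, signatures = [], []
    for i in range(nindex):
        # Each index entry is tag, type, offset, count (big-endian uint32)
        tag, _type, _off, _count = struct.unpack_from(">IIII", prefix, index_start + 16 * i)
        if tag in DIGEST_TAGS:
            digests.append(DIGEST_TAGS[tag])
        elif tag in SIGNATURE_TAGS:
            signatures.append(SIGNATURE_TAGS[tag])
    return digests, signatures

def build_sample(tags):
    """Constructed sample: an empty lead plus a signature header with dummy data."""
    lead = LEAD_MAGIC + b"\x00" * (LEAD_SIZE - 4)
    index = b"".join(struct.pack(">IIII", t, 7, 16 * i, 16) for i, t in enumerate(tags))
    store = b"\x00" * (16 * len(tags))
    counts = struct.pack(">II", len(tags), len(store))
    return lead + HEADER_MAGIC + b"\x00" * 4 + counts + index + store

UNSIGNED = build_sample([1000, 1004, 269])           # size + digests only
SIGNED = build_sample([1000, 1004, 269, 1005, 267])  # digests plus DSA signatures

if __name__ == "__main__":
    for name, blob in (("unsigned", UNSIGNED), ("signed", SIGNED)):
        print(name, signature_tags(blob))
```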