On 05/22/2009 06:20 PM, Jason Farrell wrote:
tigervnc is also unsigned.
That's the one I hit today as well, from download.fedora.redhat.com -
should we expect that to be updated by now?
Here's what I'm showing for currently unsigned:
gallery2-2.3-11.fc11.noarch.rpm is unsigned
...
gallery2-zipcart-2.3-11.fc11.noarch.rpm is unsigned
libatasmart-0.12-2.fc11.i586.rpm is unsigned
pulseaudio-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-libs-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-libs-glib2-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-module-bluetooth-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-module-gconf-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-module-x11-0.9.15-11.fc11.i586.rpm is unsigned
pulseaudio-utils-0.9.15-11.fc11.i586.rpm is unsigned
pungi-2.0.16-1.fc11.noarch.rpm is unsigned
tigervnc-0.0.90-0.10.fc11.i586.rpm is unsigned
tigervnc-server-0.0.90-0.10.fc11.i586.rpm is unsigned
tigervnc-server-module-0.0.90-0.10.fc11.i586.rpm is unsigned
by way of, in my i386 repo mirror:
ls *rpm | xargs -n 1 ~/bin/check-for-signed.sh
check-for-signed.sh:
#!/bin/sh
rpm -fK $1 | egrep -qi '(gpg|pgp)' || echo "$1 is unsigned"
It would be great if it the machinery made it impossible to push an
unsigned package. It's not a .newkey-level problem, yum will do the
right thing, but still makes one uncomfortable. Short of that a cron
job with find and mtime 0 could at least scream like hell.
My updates repo looks all good.
-Bill
--
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
http://www.bfccomputing.com/ Cell: 603.252.2606
Twitter, etc.: bill_mcgonigle Page: 603.442.1833
Email, IM, VOIP: bill@xxxxxxxxxxxxxxxx
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list
