[packman] digests SIGNATURES NOT OK

Carlos E. R. robin.listas at telefonica.net
Mon Dec 13 23:02:39 CET 2021

On 13/12/2021 21.03, Stefan Seyfried wrote:
> Hi Marc,
> On 13.12.21 09:35, Marc Schiffbauer wrote:
>> * Stefan Seyfried schrieb am 12.12.21 um 00:04 Uhr:


>> But yes, signing a new key with the old one is a good idea.
> ...only if the tools (zypper, yast, rpm) actually accept this "new key 
> signed with old one" without crazy warnings ;-)
> If they still complain, then we do not win too much (but also will not 
> lose anything) by signing the new key with te old one.

It depends on zypper keeping a chain of trust like "normal" key signing 
which is done by gpg and stored in ~/.gnupg/, maybe file trustdb.gpg, 
I'm not sure.

This might be somewhere in /var/lib/rpm/* (now /usr/lib/sysimage/rpm), 
but I don't know if it does and I suspect it doesn't.

Cheers / Saludos,

		Carlos E. R.
		(from 15.2 x86_64 at Telcontar)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://lists.links2linux.de/pipermail/packman/attachments/20211213/dec10b5c/attachment.sig>

More information about the Packman mailing list