[packman] digests SIGNATURES NOT OK
Carlos E. R.
robin.listas at telefonica.net
Mon Dec 13 23:02:39 CET 2021
On 13/12/2021 21.03, Stefan Seyfried wrote:
> Hi Marc,
>
> On 13.12.21 09:35, Marc Schiffbauer wrote:
>> * Stefan Seyfried schrieb am 12.12.21 um 00:04 Uhr:
...
>> But yes, signing a new key with the old one is a good idea.
>
> ...only if the tools (zypper, yast, rpm) actually accept this "new key
> signed with old one" without crazy warnings ;-)
>
> If they still complain, then we do not win too much (but also will not
> lose anything) by signing the new key with te old one.
It depends on zypper keeping a chain of trust like "normal" key signing
which is done by gpg and stored in ~/.gnupg/, maybe file trustdb.gpg,
I'm not sure.
This might be somewhere in /var/lib/rpm/* (now /usr/lib/sysimage/rpm),
but I don't know if it does and I suspect it doesn't.
--
Cheers / Saludos,
Carlos E. R.
(from 15.2 x86_64 at Telcontar)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://lists.links2linux.de/pipermail/packman/attachments/20211213/dec10b5c/attachment.sig>
More information about the Packman
mailing list