On Sunday 16 November 2003 17:12, Mike Cisar wrote: > > > I still want to use GPG to check the regular fedora-core packages > > > and updates, but the local repository has RPM's that may or may > > > not be GPG signed, so I don't want to check GPG on those > > > packages. > > > > Any reason for you to not just rpm --resign the packages with > > your own GPG key, and add your keys to the up2date/rpm > > recognized keys? > > That is definitely an option, but it just adds another maintenance > aspect (ie. having to remember to sign, and to double check that if > anybody else has put files in that directory that they have told me > so that I can sign them)... since we don't care about the signature > it seems like an extra unnessesary hassle. I was hoping that since > the yum authors gave the option, that maybe the up2date authors would > also have a way to individually ignore GPG (hint hint nudge nudge to > up2date authors :-). > > Cheers, > > >>>>> Mike <<<<< > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > http://www.redhat.com/mailman/listinfo/fedora-list I haven't read this entire thread so hope I'm not out in left field but have you tried the --nosig option to up2date? Regard, Mike Klinke
