In the kernel upgrade HOWTO from the Red Hat website, it says:
"In order to make a system administrator's life easier, RPM has ways to
check that the RPM meets self consistency. To do this, we use
the -K --nopgp options. On the example Red Hat Linux 5.2 system, we
downloaded the packages and got the following response
from RPM.
$ rpm -K --nopgp *rpm
kernel-2.0.36-1.i386.rpm: size md5 OK"
On my 6.1 box, 'rpm -q rpm' gives: rpm-3.0.5-9.6x. man rpm shows no 'K'
option, which I must assume is an option from a previous version of rpm,
and trying either the above '-K --nopgp' or 'rpm --checksig [pkgname]'
gives, for example:
kernel-2.2.12-20.i386.rpm: md5 GPG NOT OK
This result is the same for any file, even those on the Red Hat CD
(which the example is from). It would seem that using the
'--checksig' option would be the way, but if I comprehend the man page
on rpm, rpm has to be configured for PGP, and I can't find any
documentation explaining how to do this. 'apropos PGP' gives "nothing
apropriate", and there's no man page for PGP. 'locate PGP' gives only:
/usr/doc/gnupg-1.0.0/OpenPGP
/usr/doc/rpm-3.0.5/RPM-PGP-KEY
/usr/lib/exmh-2.0.3/html/PGP.html
So, how do I check integrity for downloaded rpm files?
--
John Meshkoff johnm at sivakalpa dot org Bom Shankar Bholenath'
{"May We Recognize God's Will in Each Other, and in All We Say and do"
"I don't know that I know the Self fully, neither do I know that I know
him not" {from the 'Upanishads'}
http://www.sivakalpa.org/ http://www.johnpipe.com
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
