docs-archive/sysadmin-guide
Archived
21
1
Fork 3
Code Issues 26 Pull requests 2 Activity

[f40] Doc issue in file modules/system-administrators-guide/pages/package-management/DNF.adoc #35

New issue
Open
opened 2025-09-08 17:23:49 +00:00 by jcastran · 2 comments
jcastran commented 2025-09-08 17:23:49 +00:00 (Migrated from gitlab.com)
Copy link

This sentence implies that yum will not install any package from a repo if it was signed by a different key than what was specified in the .repo file. We can adjust this to clarify that yum will not install a package if the corresponding gpgkey for that package is not imported.

Change this:

When signature verification is enabled, Yum will refuse to install any packages not GPG-signed with the correct key for that repository

to something like this:

When signature verification is enabled, Yum will refuse to install any gpg-signed packages not signed by an imported gpg key.

Example Situation

pkg-A signed by gpgkey-A
pkg-A is in repoB
[repoB]
...
gpgkey=gpgkey-B

I’ve already imported gpgkey-A

I install pkg-A from repoB and it verifies the package bc a key is already imported. Customer expected this to fail since the gpgkey for pkg-A was not specified.

This sentence implies that yum will not install any package from a repo if it was signed by a different key than what was specified in the .repo file. We can adjust this to clarify that yum will not install a package if the corresponding gpgkey for that package is not imported. **Change this:** When signature verification is enabled, Yum will refuse to install any packages not GPG-signed with the correct key for that repository **to something like this:** When signature verification is enabled, Yum will refuse to install any gpg-signed packages not signed by an imported gpg key. **Example Situation** pkg-A signed by gpgkey-A pkg-A is in repoB [repoB] ... gpgkey=gpgkey-B I’ve already imported gpgkey-A — I install pkg-A from repoB and it verifies the package bc a key is already imported. Customer expected this to fail since the gpgkey for pkg-A was not specified.
jcastran commented 2025-09-08 17:23:49 +00:00 (Migrated from gitlab.com)
Copy link

set status to To do

set status to **To do**
p.boy commented 2025-09-08 20:30:18 +00:00 (Migrated from gitlab.com)
Copy link

Thanks for your efforts here. Unfortunately, the admin guides are no longer maintained. And we have a discussion how to further proceed with Fedora Docs. See e.g. Fedora Docs – current state and conclusions from our experiences. As part of this, we will create new administration docs, that will partly reuse the old docs and update them. So, we will use your enhancement later.

Thanks for your efforts here. Unfortunately, the admin guides are no longer maintained. And we have a discussion how to further proceed with Fedora Docs. See e.g. [Fedora Docs – current state and conclusions from our experiences](https://discussion.fedoraproject.org/t/fedora-docs-current-state-and-conclusions-from-our-experiences/163515). As part of this, we will create new administration docs, that will partly reuse the old docs and update them. So, we will use your enhancement later.
Commenting is not possible because the repository is archived.
No Branch/Tag specified
Branches Tags
main
f41
f39
f40
f38
f37
f35
cherry-pick-82f2ace5
f36
f34
f26
f27
f28
f29
f30
f31
f32
f33
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
docs-archive/sysadmin-guide#35
No description provided.