Bug 1309416

Summary: --checksig (-K) option not documented in man page
Product: [Fedora] Fedora
Reporter: fednuc <fedora2021q2>
Component: rpm
Assignee: Packaging Maintenance Team <packaging-team-maint>
Status: CLOSED UPSTREAM
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low
Priority: unspecified
Version: 23
CC: ffesti, jzeleny, lkardos, novyjindrich, packaging-team-maint, pknirsch, y9t7sypezp
Target Milestone: ---
Keywords: Documentation, Reopened
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Story Points: ---
Last Closed: 2016-04-15 07:38:21 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---

Description fednuc 2016-02-17 18:15:09 UTC
rpm --checksig (rpm -K) checks the signature for a package against installed keys (http://www.rpm.org/max-rpm/s1-rpm-checksig-using-rpm-k.html)

The man page makes no mention of this.

(rpm-4.13.0-0.rc1.11.fc23)

Comment 1 Ľuboš Kardoš 2016-02-19 09:48:56 UTC
Checking signatures is implemented in the rpmkeys command, so "--checksig" is documented in the rpmkeys man page. Option "--checksig" is left in the rpm command only because of backward compatibility, but it is deprecated there.

Maximum RPM is quite an old book (19 years), so not every piece of information from there reflects the current state.

Comment 2 Steve 2016-02-19 18:41:46 UTC
(In reply to Ľuboš Kardoš from comment #1)
> Checking signatures is implemented in the rpmkeys command, so "--checksig" is
> documented in the rpmkeys man page. Option "--checksig" is left in the rpm command
> only because of backward compatibility, but it is deprecated there.
>
> Maximum RPM is quite an old book (19 years), so not every piece of information
> from there reflects the current state.

The rpm man page should say all that, so you don't get bug reports like this.

Stephen: I suggest reopening this as a documentation bug. You can add the "Documentation" keyword to make that clear:
https://bugzilla.redhat.com/describekeywords.cgi

Comment 3 Steve 2016-02-19 20:38:18 UTC
(In reply to Ľuboš Kardoš from comment #1)
...
> Option "--checksig" is left in the rpm command
> only because of backward compatibility, but it is deprecated there.
...

Man pages often document functionality that is provided for backward compatibility. See "man man" for a specific example (-E option). For more examples:
$ man -K --regex 1 'backwards?[- ]*compatibility'

Comment 4 fednuc 2016-02-19 22:34:03 UTC
Re-opened per #2

Comment 5 fednuc 2016-02-19 22:38:35 UTC
To add more weight to Steve's comments, and argue for inclusion of the option (marked as deprecated) in the docs - I only know that this is a deprecated option (and that rpmkeys is probably the right command to use for this instead) because I filed this bug.

Had I not, I would just have assumed that the documentation was incomplete, then wondered what had happened if the option went from deprecated to removed.

Conversely, with the option documented as deprecated, I would have known to use rpmkeys instead :)

Comment 6 Florian Festi 2016-04-15 07:38:21 UTC
The option got added to the new rpm-misc(8) man page. See https://github.com/rpm-software-management/rpm/blob/master/doc/rpm-misc.8