Red Hat Bugzilla – Bug 119578
package with unknown GPG signature aborts update
Last modified: 2007-11-30 17:10:39 EST
Description of problem:
While updating when I come across a package with an unknown GPG
signature my only options are continue Yes / No.
If I decide that I don't trust the package with the unknown sig
I have to abort and start the update all over again, select
everything again except for the dubious package and try again (until
I hit the next unsigned package).
I'd rather just skip *that* package or at least be able to go back to
the package selection.
I don't even see which signature it is that I am missing.
Version-Release number of selected component (if applicable):
Package transactions are computed before checking gpg
sigs. At the moment, there is no mechanism to reconstruct
a transaction if the gpg checks fail. There is no plan
to change this.