33112 – ``not signed with GPG signature'' dialog needs a ``Yes to all'' button

Bug 33112 - ``not signed with GPG signature'' dialog needs a ``Yes to all'' button

Summary: ``not signed with GPG signature'' dialog needs a ``Yes to all'' button

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	up2date
Sub Component:
Version:	7.1
Hardware:	i386
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Adrian Likins
QA Contact:	Jay Turner
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	32104 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-03-25 07:58 UTC by kev
Modified:	2015-01-07 23:44 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-08-21 19:21:33 UTC
Embargoed:

Attachments	(Terms of Use)

Description kev 2001-03-25 07:58:23 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.0 i686; en-US; 0.8) Gecko/20010215


Apparently, many of the wolverine updates do not have GPG signatures
associated with the packages.  This doesn't really bother me, but being
prompted "The package foo is not signed with a GPG signature. Continue?"
for *every* package foo is most annoying and makes it impossible to let
up2date retrieve packages unattended.

IMO, it would be most useful if an additional "Yes to all" button were
added to this dialog.

Reproducible: Always
Steps to Reproduce:
1.Start up2date on a wolverine system which has not been upgraded to
Xfree86-4.0.3.
2.Select the XFree86 packages to be updated.
3.Start the update.  Observe the message which asks if it is okay to
continue without a GPG signature.
4. Note that the yes button needs to be pressed for each such message,
making it impossible to let up2date download the packages unattended.
	

Here's an additional annoyance associated with this bug... If you are using
the keyboard to attempt to get other work done while up2date is retrieving
the packages and the "...is not signed with a GPG signature" message pops
up while you are typing, pressing a space will trigger the selected button
in this dialog (which is "No") and the update will be terminated.

Comment 1 kev 2001-03-25 08:49:59 UTC

I just noticed that ``up2date --configure'' allows me to disable GPG checking
altogether.  I still think it'd be nice to have a means to disable it "on the
fly" for only a single session.

Comment 2 Preston Brown 2001-04-04 19:03:18 UTC

*** Bug 32104 has been marked as a duplicate of this bug. ***

Comment 3 Todd Warner 2001-04-04 20:42:09 UTC

Problem though:

If you want to say yes to some and no to others.... program exists. There needs
to be a "Skip" just tbis package option.

Comment 4 Aleksey Nogin 2001-08-21 16:38:18 UTC

"Skip" is nice, but I guess it would be much harder to implement properly (what
if the package you've skipped breaks some dependency?).

"Yes to all", OTOH should be very easy to implement. Are you sure this is
"priority: low"? IMHO this problem is pretty annoying.

Comment 5 Jay Turner 2001-08-21 19:21:28 UTC

From the commandline, you can pass '--nosig' which will allow you to retrieve
packages without checking the GPG signature, even if the config is set to check
them.

Comment 6 Adrian Likins 2002-03-26 22:55:56 UTC

This isnt too much of an issue these days, and
I'm somewhat opposed to a "yes to all" in the gui for this anyway,
so closing this bug.

Note You need to log in before you can comment on or make changes to this bug.