Bug 365021 - [RFE] Disable GPG check on package files installed via localinstall
[RFE] Disable GPG check on package files installed via localinstall
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: yum (Show other bugs)
7
All Linux
low Severity low
: ---
: ---
Assigned To: Jeremy Katz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-11-03 01:49 EDT by Ignacio Vazquez-Abrams
Modified: 2014-01-21 17:59 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-03 09:55:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ignacio Vazquez-Abrams 2007-11-03 01:49:44 EDT
It would be handy if yum localinstall disabled the GPG verification on the
packages passed to it on the command line, but still enforced it on packages
installed from repositories.
Comment 1 Seth Vidal 2007-11-03 09:55:40 EDT
Automating that change just makes the likelihood of someone bein exploited greater.

If you are localinstalling and want to make sure gpgchecking is off there are 2
ways:

1. yum --nogpgcheck localinstall foo.rpm
2. edit /etc/yum.conf and under [main] set gpgcheck=0

In the 2nd case that'll disable it ONLY for the global case and any repo which
has gpgcheck=1 will continue gpg checking


Note You need to log in before you can comment on or make changes to this bug.