Bug 365021 - [RFE] Disable GPG check on package files installed via localinstall
Summary: [RFE] Disable GPG check on package files installed via localinstall
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: yum
Version: 7
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-11-03 05:49 UTC by Ignacio Vazquez-Abrams
Modified: 2014-01-21 22:59 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-11-03 13:55:40 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ignacio Vazquez-Abrams 2007-11-03 05:49:44 UTC
It would be handy if yum localinstall disabled the GPG verification on the
packages passed to it on the command line, but still enforced it on packages
installed from repositories.

Comment 1 Seth Vidal 2007-11-03 13:55:40 UTC
Automating that change just makes the likelihood of someone bein exploited greater.

If you are localinstalling and want to make sure gpgchecking is off there are 2
ways:

1. yum --nogpgcheck localinstall foo.rpm
2. edit /etc/yum.conf and under [main] set gpgcheck=0

In the 2nd case that'll disable it ONLY for the global case and any repo which
has gpgcheck=1 will continue gpg checking




Note You need to log in before you can comment on or make changes to this bug.