From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2 i686; en-US; rv:0.9) Gecko/20010507 Description of problem: It would be really nice if the installer could verify RPM files before installing them and issue an error if the verification fails How reproducible: Always Steps to Reproduce: 1. give the installer one or more RPMs that are broken (GPG or MD5 NOT OK) 2. install 3. installer accepts the file Actual Results: Potential to install broken RPMs Expected Results: A dialog along these lines, an option for kickstart and an entry in the install.log [start] The package <name> failed verification. What do you want to do? 'Skip the package', 'Try again', 'Install anyway' [end] Additional info:
*** This bug has been marked as a duplicate of 40045 ***
While I agree with your comment in bug 40045 that giving the user any options is problematic, I would still like to see the addition of a 'rpm --checksig' for each package prior to installation of the package so that we do not install broken packages. Even if this means bailing out of anaconda on failure.