Bug 40088 - RFE: Add RPM verification
Summary: RFE: Add RPM verification
Keywords:
Status: CLOSED DUPLICATE of bug 40045
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: installer
Version: 7.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Brent Fox
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-05-10 15:29 UTC by Patrick C. F. Ernzer
Modified: 2007-04-18 16:33 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2001-05-14 19:12:16 UTC
Embargoed:


Attachments (Terms of Use)

Description Patrick C. F. Ernzer 2001-05-10 15:29:15 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2 i686; en-US; rv:0.9)
Gecko/20010507

Description of problem:
It would be really nice if the installer could verify RPM files before
installing them and issue an error if the verification fails

How reproducible:
Always

Steps to Reproduce:
1. give the installer one or more RPMs that are broken (GPG or MD5 NOT OK)
2. install
3. installer accepts the file
	

Actual Results:  Potential to install broken RPMs

Expected Results:  A dialog along these lines, an option for kickstart and
an entry in the install.log

[start]
The package <name> failed verification.
What do you want to do?
'Skip the package', 'Try again', 'Install anyway'
[end]

Additional info:

Comment 1 Brent Fox 2001-05-14 19:12:11 UTC

*** This bug has been marked as a duplicate of 40045 ***

Comment 2 Patrick C. F. Ernzer 2001-08-27 16:32:18 UTC
While I agree with your comment in bug 40045 that giving the user any options is
problematic, I would still like to see the addition of a 'rpm --checksig' for
each package prior to installation of the package so that we do not install
broken packages. Even if this means bailing out of anaconda on failure.


Note You need to log in before you can comment on or make changes to this bug.