Bug 40088 - RFE: Add RPM verification
RFE: Add RPM verification
Status: CLOSED DUPLICATE of bug 40045
Product: Red Hat Linux
Classification: Retired
Component: installer (Show other bugs)
7.1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Brent Fox
Brock Organ
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-05-10 11:29 EDT by Patrick C. F. Ernzer
Modified: 2007-04-18 12:33 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-05-14 15:12:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Patrick C. F. Ernzer 2001-05-10 11:29:15 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2 i686; en-US; rv:0.9)
Gecko/20010507

Description of problem:
It would be really nice if the installer could verify RPM files before
installing them and issue an error if the verification fails

How reproducible:
Always

Steps to Reproduce:
1. give the installer one or more RPMs that are broken (GPG or MD5 NOT OK)
2. install
3. installer accepts the file
	

Actual Results:  Potential to install broken RPMs

Expected Results:  A dialog along these lines, an option for kickstart and
an entry in the install.log

[start]
The package <name> failed verification.
What do you want to do?
'Skip the package', 'Try again', 'Install anyway'
[end]

Additional info:
Comment 1 Brent Fox 2001-05-14 15:12:11 EDT

*** This bug has been marked as a duplicate of 40045 ***
Comment 2 Patrick C. F. Ernzer 2001-08-27 12:32:18 EDT
While I agree with your comment in bug 40045 that giving the user any options is
problematic, I would still like to see the addition of a 'rpm --checksig' for
each package prior to installation of the package so that we do not install
broken packages. Even if this means bailing out of anaconda on failure.

Note You need to log in before you can comment on or make changes to this bug.