On Saturday 10 August 2002 20:19, allen wrote:
>Is there an incantation to test all rpm's for sigs ? rpm -something *.rpm ?
>
>Tell me what that is and I'll do the dirty work...
>
You are a brave man. To check the sig on an RPM file, you can use:
# rpm --checksig whatever-packagefile.rpm
I fear that if you do this against the entire cooker, it could take...
well, a long time.
Unless I am mistake, if the package has bad keys, it soule come up
similar to this lovely example:
[chas@hathor chas]$ rpm --checksig kernel-enterprise-*
kernel-enterprise-2.4.19.1mdk-1-1mdk.i586.rpm: md5 (GPG) NOT OK (MISSING KEYS:
GPG#70771FF3)
so perhaps rpm --checksig | grep "NOT OK" /repository/*rpm > /tmp/rpms_with_badsigs
would do the trick?
(The kernel package is correctly signed, but I did the check as a
normal user without the Mandrake Linux key on my gpg keyring, so you
should either be root or makesure all of the appropriate mandrake
keys are on your users keyring before doing the test.)
*luck*
-Chuck
--
+-% He's a real UNIX Man $-+-------------------------------------+
\ Sitting in his UNIX LAN \ Charles A. Shirley \
\ Making all his UNIX plans \ cashirley (at) comcast (dot) net \
+------# For nobody @------+-------------------------------------+
