Wonderful idea, perfect solution. --- Ben Reser <[EMAIL PROTECTED]> wrote: > Having urpmi/rpmdrake > know where to find the GPG keys for various sources. > I would propose > that a file name is made as a standard for the key > for a source that is > placed in the same path as the hdlist/synthesis > file. That file would > contain a name or names of packages that contained > the sites GPG keys. > > On the first install from that source urpmi/rpmdrake > would prompt the > user if they wished to install this key. The file > would then be > downloaded and installed prior to any other package > installations. > > In the future if the key would need upgrading the > version/release could > be incremented causing urpmi/rpmdrake to update it. > urpmi/rpmdrake > would store the package name(s) of the keys. So it > would always cause > that package to be updated in a separate rpm call > prior to updating the > rest of the packages. > > To ensure the keys and there is a trust chain it's > possible Mandrake > could sign the packages for these people. I don't > think there are a lot > of sites using the urpmi system. But perhaps > Mandrake signing the > packages would be a bad idea for trust and work load > issues. > > Just a thought. What do you guys think?
__________________________________________________ Do you Yahoo!? HotJobs - Search new jobs daily now http://hotjobs.yahoo.com/
