* Allison King via devel-announce: > == Summary == > Change the RPM default package verification mode to enforcing signature > checking, to follow upstream > RPM 6.0 default: > only packages with a verified signature can be installed, unless explicitly > overridden by `--nosignature > ` or corresponding API.
Does this impact things like dnf install? This is relevant for activating third-party repositories. For example, the EPEL instructions currently contain this: dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm I think we need something equally convenient to enroll the new signing key at the same time. It won't be Fedora's. Thanks, Florian -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
