On Mon, Jan 18, 2010 at 09:05:49PM +0100, Till Maas wrote: > On Mon, Jan 18, 2010 at 12:35:43PM -0700, Kevin Fenzi wrote: > > On Mon, 18 Jan 2010 19:59:20 +0100 > > Till Maas <[email protected]> wrote: > > > > > > The mock config can be changed to not use this repo that only provides > > > unsigned RPMs: > > > http://buildsys.fedoraproject.org/buildgroups/rhel5/i386/ > > > > > > Then one can a lot easier enable gpgcheck in the mock config. > > > Currently it involves downloading and auditing the rpms in above repo > > > and mirror it locally. > > > > Perhaps we could just sign those packages? > > (Possibly with a different key)? > > I don't think that it would be easier, but if it is done, then please > with the same key to kind of ensure that it is stored carefully. > Here is btw the discussion from 2007 about the same issue but for > Fedora: > > http://lists.fedoraproject.org/pipermail/devel/2007-June/104640.html
Another three weeks have passed without any progress, so I will create a review request for buildsys-macros. Regards Till
pgphEsr2oGzEC.pgp
Description: PGP signature
_______________________________________________ epel-devel-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/epel-devel-list
