On 13/12/2021 21.03, Stefan Seyfried wrote:
Hi Marc,On 13.12.21 09:35, Marc Schiffbauer wrote:* Stefan Seyfried schrieb am 12.12.21 um 00:04 Uhr:
...
But yes, signing a new key with the old one is a good idea....only if the tools (zypper, yast, rpm) actually accept this "new key signed with old one" without crazy warnings ;-)If they still complain, then we do not win too much (but also will not lose anything) by signing the new key with te old one.
It depends on zypper keeping a chain of trust like "normal" key signing which is done by gpg and stored in ~/.gnupg/, maybe file trustdb.gpg, I'm not sure.
This might be somewhere in /var/lib/rpm/* (now /usr/lib/sysimage/rpm), but I don't know if it does and I suspect it doesn't.
--
Cheers / Saludos,
Carlos E. R.
(from 15.2 x86_64 at Telcontar)
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Packman mailing list [email protected] https://lists.links2linux.de/cgi-bin/mailman/listinfo/packman
