On 06/22/16 13:15, Samuel Sieb wrote: > On 06/21/2016 10:04 PM, Antonio M wrote: >> a silly question, how do you understand that a package is signed in any >> repo?? apart from the warning of dnf, of course.... >> > That would be the primary way. Otherwise, if you have rpmdevtools installed, > you can > download the rpm and run rpmdev-checksig on it. That's what I used to check > some rpms > from rpmfusion to determine that they aren't signed. >
Or you could run rpm -K rpmfile This shows the output of a signed rpm [root@meimei ~]# rpm -K aime-8.20160504-1.fc23.x86_64.rpm aime-8.20160504-1.fc23.x86_64.rpm: rsa sha1 (md5) pgp md5 OK This shows the output of a non-signed rpm [egreshko@acer ~]$ rpm -K libmpg123-1.22.4-1.fc24.x86_64.rpm libmpg123-1.22.4-1.fc24.x86_64.rpm: sha1 md5 OK -- You're Welcome Zachary Quinto -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
