[Rpm-maint] next question: can rpm fail (instead of warn) on a bad signature?

Shandy Brown sbrown at vmware.com
Fri Dec 15 09:45:29 UTC 2006


> NOT OK will only occur if the file is corrupted - if it is an intact rpm
> but unsigned it still has a header digest and a header+payload digest to
> verify it's untampered with.  Thus rpm -K tells you this is the rpm
> built and intact and the payload and headers are consistent with the
> digests.

Is there some other method to detect that an rpm file is not signed?

Other than installing it and checking with rpm -qi.

sjbrown



More information about the Rpm-maint mailing list