Re: How are Fedora RPM packagess verified in RPMFusion buildsys?
Hiyas,
On Wed, Jan 13, 2010 at 02:42:26PM +0100, Till Maas wrote:
I just wondered how the RPM packages from Fedora used in RPMFusion
buildroots are verfied on the RPMFusion builders. Fedora uses direct
access to the RPM packages via a secure channel afaik, but since
RPMFusion does not use Fedora infrastructure, this seems not to be
possible. Also I did not found the typical RPM message about importing
the GPG key that is usually displayed on my local mock builds in the
RPMFusion build roots. Therefore I fear that the RPMs are not verified
at all, but please don't let this be true.
except for a answer about the default mock config, there was no reply to
this within two weeks. So I conclude that they are very likely not
verified and nobody cares, thats bad. :-(
Regards
Till
Attachments:
- attachment.sig (application/pgp-signature — 836 bytes)