On Mon, Feb 1, 2010 at 3:57 PM, Stewart Adam <maillist(a)diffingo.com> wrote:
On 2010/02/01 3:57 AM, Till Maas wrote:
>
> Hiyas,
>
> On Wed, Jan 13, 2010 at 02:42:26PM +0100, Till Maas wrote:
>
>> I just wondered how the RPM packages from Fedora used in RPMFusion
>> buildroots are verified on the RPMFusion builders. Fedora uses direct
>> access to the RPM packages via a secure channel afaik, but since
>> RPMFusion does not use Fedora infrastructure, this seems not to be
>> possible. Also I did not find the typical RPM message about importing
>> the GPG key that is usually displayed on my local mock builds in the
>> RPMFusion build roots. Therefore I fear that the RPMs are not verified
>> at all, but please don't let this be true.
>
> except for an answer about the default mock config, there was no reply to
> this within two weeks. So I conclude that they are very likely not
> verified and nobody cares, that's bad. :-(

I would bet that a more likely conclusion is that few people have access to
the buildsys, and those that do are very busy ;)

Indeed they are. Just took a quick look at my own builder (which I
didn't actually set up, but I have access to). It isn't set to check
gpg sigs on packages. But it only pulls packages from known/trusted
mirrors (i.e., my own local one and the main rpmfusion ones).
--
Jarod Wilson
jarod(a)wilsonet.com
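
The check discussed in this thread, as an added example that is not part of the original messages or of the RPM Fusion build system: a small audit of the yum configuration that a mock chroot config carries in `config_opts['yum.conf']`, reporting repositories whose packages are installed without a signature check or fetched over an unauthenticated transport. The repo names, URLs and key path in the sample are constructed, and `audit_yum_conf` is a hypothetical helper name.

```python
import configparser

# Constructed sample of the yum configuration embedded in a mock chroot
# config (config_opts['yum.conf']); repo ids, URLs and key path are made up.
SAMPLE_YUM_CONF = """
[main]
gpgcheck=0

[fedora]
baseurl=http://mirror.example.org/fedora/$basearch/os/

[rpmfusion-free]
baseurl=https://mirror.example.org/rpmfusion/free/$basearch/os/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example

[local]
baseurl=file:///srv/repo/local/
gpgcheck=1
"""

TRUE_VALUES = {"1", "true", "yes", "on"}

def audit_yum_conf(text):
    """Return {repo_id: [findings]} for repos with weak package verification."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    # gpgcheck in [main] is the default for every repo; when it is absent
    # there as well, yum's built-in default is 0 (no signature check).
    main_default = cp.get("main", "gpgcheck", fallback="0")
    report = {}
    for repo in cp.sections():
        if repo == "main":
            continue
        findings = []
        effective = cp.get(repo, "gpgcheck", fallback=main_default).strip().lower()
        if effective not in TRUE_VALUES:
            findings.append("gpgcheck disabled")
        elif not cp.get(repo, "gpgkey", fallback="").strip():
            findings.append("no gpgkey listed; key must already be in the rpm database")
        urls = " ".join(cp.get(repo, k, fallback="") for k in ("baseurl", "mirrorlist"))
        if any(u.startswith(("http://", "ftp://")) for u in urls.split()):
            findings.append("fetched over unauthenticated transport")
        if findings:
            report[repo] = findings
    return report

if __name__ == "__main__":
    for repo, findings in audit_yum_conf(SAMPLE_YUM_CONF).items():
        print(repo, "->", "; ".join(findings))
```
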