Packaging 3-rd party repositories in rpmfusion

Till Maas opensource at
Mon Feb 3 12:03:02 CET 2014

On Mon, Feb 03, 2014 at 11:30:42AM +1100, Ankur Sinha wrote:

> One concern is that some of the rpms that third parties provide do ship
> their own repo files. So, after the user installs a package, he might
> end up with two repo files? We'll have to use proper conflicts in the
> specs. What about GPG keys? (The adobe-release package ships a repo file
> and a GPG key.)

If RPMFusion ships configuration for other repos, the package should
also include the GPG key, set gpgcheck=1 and include only the intended
packages with includepkgs to minimise security problems.


More information about the rpmfusion-developers mailing list