Re: Track installed packages without signature
On 5/24/20 7:13 AM, Danishka Navin wrote: Btw, is there away to stop package installation with |--nosignature |option? Idea is it restricts installation packages without correct signature. Trying to stop yourself or someone else from installing? By default, dnf will not install a package with a bad signature. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, 24 May, 2020 at 19:43, Danishka Navin
wrote:
On Sun, May 24, 2020 at 6:53 PM berend
wrote:
On Sun, 24 May, 2020 at 18:36, Danishka Navin
wrote:
> Hi,
>
> Is it possible to find out all installed packages which were not
> signed (installed by ignoring gpgcheck).
Start with:
rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all
You may need to cross-check the key ID to verify to find packages
that
were signed, but you don't have the key for.
Thanks Berend.
Btw, is there away to stop package installation with
--nosignatureoption?
Idea is it restricts installation packages without correct signature.
Not really. Package installation requires root access anyway. Root can
just extract the RPM archive manually using cpio and skip every single
RPM sanity check.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, May 24, 2020 at 6:53 PM berend wrote:
>
>
> On Sun, 24 May, 2020 at 18:36, Danishka Navin
> wrote:
> > Hi,
> >
> > Is it possible to find out all installed packages which were not
> > signed (installed by ignoring gpgcheck).
>
> Start with:
> rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all
>
> You may need to cross-check the key ID to verify to find packages that
> were signed, but you don't have the key for.
>
>
Thanks Berend.
Btw, is there away to stop package installation with --nosignature option?
Idea is it restricts installation packages without correct signature.
___
> users mailing list -- users@lists.fedoraproject.org
> To unsubscribe send an email to users-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
>
--
Danishka Navin
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, 24 May, 2020 at 18:36, Danishka Navin
wrote:
Hi,
Is it possible to find out all installed packages which were not
signed (installed by ignoring gpgcheck).
Start with:
rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all
You may need to cross-check the key ID to verify to find packages that
were signed, but you don't have the key for.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Track installed packages without signature
Hi, Is it possible to find out all installed packages which were not signed (installed by ignoring gpgcheck). regards, -- Danishka Navin ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
