Re: Track installed packages without signature
On 5/24/20 7:13 AM, Danishka Navin wrote: Btw, is there away to stop package installation with |--nosignature |option? Idea is it restricts installation packages without correct signature. Trying to stop yourself or someone else from installing? By default, dnf will not install a package with a bad signature. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, 24 May, 2020 at 19:43, Danishka Navin wrote: On Sun, May 24, 2020 at 6:53 PM berend wrote: On Sun, 24 May, 2020 at 18:36, Danishka Navin wrote: > Hi, > > Is it possible to find out all installed packages which were not > signed (installed by ignoring gpgcheck). Start with: rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all You may need to cross-check the key ID to verify to find packages that were signed, but you don't have the key for. Thanks Berend. Btw, is there away to stop package installation with --nosignatureoption? Idea is it restricts installation packages without correct signature. Not really. Package installation requires root access anyway. Root can just extract the RPM archive manually using cpio and skip every single RPM sanity check. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, May 24, 2020 at 6:53 PM berend wrote: > > > On Sun, 24 May, 2020 at 18:36, Danishka Navin > wrote: > > Hi, > > > > Is it possible to find out all installed packages which were not > > signed (installed by ignoring gpgcheck). > > Start with: > rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all > > You may need to cross-check the key ID to verify to find packages that > were signed, but you don't have the key for. > > Thanks Berend. Btw, is there away to stop package installation with --nosignature option? Idea is it restricts installation packages without correct signature. ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > -- Danishka Navin ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Track installed packages without signature
On Sun, 24 May, 2020 at 18:36, Danishka Navin wrote: Hi, Is it possible to find out all installed packages which were not signed (installed by ignoring gpgcheck). Start with: rpm --query --queryformat "%{NAME} %{SIGPGP:pgpsig}\n" --all You may need to cross-check the key ID to verify to find packages that were signed, but you don't have the key for. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Track installed packages without signature
Hi, Is it possible to find out all installed packages which were not signed (installed by ignoring gpgcheck). regards, -- Danishka Navin ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org