Ahmad Mahfouz

Random notes

RPM integrity and scripts

Yum repository comes with gpg  and md5 support to verify the validity of the package

You can list installed gpg keys in your system via

It will show the unique id for the installed keys in your  system

gpg-pubkey-e8562897-459f07a4
gpg-pubkey-217521f6-45e8a532

To list all information related to a key
rpm -qi pgp-key-unique-id

 

It will show version, vendor  and much more useful for debugging
To verify a package against the  installed keys

U can use parameter  k with rpm

Example

 

U will notice ok if passed pgp and md5 check

To. Verify which key used to validate this package h can use

 

It will show the public key id

Package developer  can add  some scripts to package metadata that run as root

To list scripts inside the rpm package

please notice the

preinstall,postinstall,preuninstall,postuninstall

before and after install

and before and after uninstall

to make rpm transaction with skipping scripts  you should use no script parameter to yum

happy consoles

Leave a Reply

Your email address will not be published. Required fields are marked *.

*
*
You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.