Feature added by: Ludwig Nussel (lnussel) Feature #313400, revision 1 Title: store gpg key in fs instead of rpmdb openSUSE Distribution: Unconfirmed Priority Requester: Desirable Requested by: Ludwig Nussel (lnussel) Partner organization: openSUSE.org Description: currently gpg keys used by rpm for signature verification apppar to be installed in the rpmdb as some kind of pseudo package (rpm -qa 'gpg-pubkey*'). This makes them rather clumsy to manage. It would be better to have gpg keys as regular files in the file system. In fact rpm supports that since a while via the %_keyringpath option. It's set to %{_dbpath}/pubkeys/ by default. If any keys are found in that directory the keys in the rpmdb are no longer used. Therefore I propose to: - change the openSUSE-build-key package to drop it's files into %_keyringpath - patch libzypp to prefer %_keyringpath too - add a %post snippet to rpm or openSUSE-build-key to export extra keys in rpmdb to %_keyringpath and remove them from rpmdb afterwards - make %_keyringpath an array so we can have distro provided keys in /usr and admin/locally configured keys in /etc -- openSUSE Feature: https://features.opensuse.org/313400