[opensuse-factory] JFYI: Since zypper-1.6.2 repos were per default created with gpgchecks disabled (fixed in -1.6.15)
Hi. Due to a bug zypper-1.6.2 per default creates repositories with gpgchecks disabled. This is fixed in zypper-1.6.15. Looks like just a few people actually noticed this, nevertheless you should check and fix your systems in case they are affected. - To see whether repos on your system have gpgchecks disabled, you can run: grep -H 'gpgcheck=0' /etc/zypp/repos.d/* This will list the repos with disabled gpgchecks (I did not find a zypper command doing this). - To enable gpgchecks run zypper modifyrepo --gpgcheck <--all|REPOALIAS> - To create repos with gpgchecks enabled until zypper-1.6.15 is available use: zypper addrepo --gpgcheck ... -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres SUSE LINUX Products GmbH, Development, ma@suse.de GF:Jeff Hawn,Jennifer Guild,Felix Imendörffer, HRB16746(AG Nürnberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Am Tue, 30 Aug 2011 13:26:31 +0200 schrieb Michael Andres <ma@suse.de>:
I actually noticed this and wanted to ask if I had done something wrong, but just got sidetracked and finally forgot - and BTW security is for wimps anyway :-)
susi:~ # grep -H 'gpgcheck=0' /etc/zypp/repos.d/* /etc/zypp/repos.d/arduino-kk.repo:gpgcheck=0 /etc/zypp/repos.d/arduino.repo:gpgcheck=0 /etc/zypp/repos.d/chromium.repo:gpgcheck=0 /etc/zypp/repos.d/cross-avr.repo:gpgcheck=0 That explains something ;-) Thanks for explaining. -- Stefan Seyfried "Dispatch war rocket Ajax to bring back his body!" -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Am Tue, 30 Aug 2011 13:26:31 +0200 schrieb Michael Andres <ma@suse.de>:
I actually noticed this and wanted to ask if I had done something wrong, but just got sidetracked and finally forgot - and BTW security is for wimps anyway :-)
susi:~ # grep -H 'gpgcheck=0' /etc/zypp/repos.d/* /etc/zypp/repos.d/arduino-kk.repo:gpgcheck=0 /etc/zypp/repos.d/arduino.repo:gpgcheck=0 /etc/zypp/repos.d/chromium.repo:gpgcheck=0 /etc/zypp/repos.d/cross-avr.repo:gpgcheck=0 That explains something ;-) Thanks for explaining. -- Stefan Seyfried "Dispatch war rocket Ajax to bring back his body!" -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
participants (2)
-
Michael Andres -
Stefan Seyfried