Find the answer to your Linux question:
Results 1 to 4 of 4
hi, I have few queries regarding RPM signature 1. what is a signature ? 2. How and why to verify it ? 3. what is a bad signature and what ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2004
    Posts
    10

    RPM Signatures


    hi,

    I have few queries regarding RPM signature

    1. what is a signature ?

    2. How and why to verify it ?

    3. what is a bad signature and what to do if a downloaded RPM has a bad signature?


    the other question is regarding use of a RPM which is different from distro RPM, by different i mean version .
    The exact query is that i want to reinstall perl-5.8.1-0.RC4.3mdk along with the perl base because i have messed up with installation of perl5.8.6.
    i have to download RPM because i'm unable to configure my computer with drakconf. So searching google with the exact error i found the best way is to reinstall perl5.8.1. however problem is i'm getting perl-5.8.1-0.RC4.3.1.92mdk.i586.rpm and perl-base-5.8.1-0.RC4.3.1.92mdk.i586.rpm instead of perl-5.8.1-0.RC4.3mdk
    and perl-base 5.8.1-0.RC4.3mdk, which have some added patches.

    Can anyone help me out.

    I'm using Mandrake 9.2.

  2. #2
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    Location
    St. Petersburg, FL
    Posts
    5,035
    Quote Originally Posted by himanshu
    however problem is i'm getting perl-5.8.1-0.RC4.3.1.92mdk.i586.rpm and perl-base-5.8.1-0.RC4.3.1.92mdk.i586.rpm instead of perl-5.8.1-0.RC4.3mdk
    and perl-base 5.8.1-0.RC4.3mdk, which have some added patches.
    any extra patches that come with the .RC4.3dk rpms should come with the .RC4.3.x.mdk packages as well, since they are the same/newer version of the same branch.
    As for signatures, they are attached to RPMs in order to verify a package's integrity, similar to md5sum with ISO images. A package without a Signature is no cause for alarm, it just means that the system can't check its integrity. A package with an invalid signature is most likely a corrupted source, or your download went bad. Either redownload, or download from a different source.
    -lakerdonald

  3. #3
    Just Joined!
    Join Date
    Dec 2004
    Posts
    10
    Thank you

  4. #4
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    Location
    St. Petersburg, FL
    Posts
    5,035
    No Problem

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •