Verify all installed packages using rpm -V #89
Conversation
|
[test] |
Verify all installed packages using rpm -V
|
I came across this while doing some code archaeology. Does anyone remember why verifying installed packages is a good idea? It seems to me that if we just installed something from a trusted source using trusted tools, then everything we just installed would have been valid. |
|
Nevermind, found the answer in sclorg/s2i-perl-container#67 |
|
Thank you for the context. I don't think we need it anymore as dnf fails if it cannot find a package for at least one of arguments given. I recall I had a problem with the verification. The problem was that I wanted to use a provide provided by a different packages on different OS versions and therefore being more universal than the name of the RPM that had to differ but the verification stopped me because you can verify only names, not provides. I don't recall the solution I chose then. |
No description provided.