8868011d4c
Enable repo GPG checks causes some CentOS systems to become unable to retrieve yum metadata. It also causes the security gate jobs to balloon out to 12 minutes (normally 3-4 mins). Closes-Bug: 1641729 Change-Id: I229b471bbd9fbe39776b9022671b03da0a659163
630 B
630 B
---id: RHEL-07-020151 status: implemented tag: packages ---
On Ubuntu systems, the tasks comment out the no-debsig
configuration line in /etc/dpkg/dpkg.cfg. This causes
dpkg to verify GPG signatures for all packages that are
installed locally.
On CentOS 7 systems, the tasks set the localpkg_gpgcheck
option to 1 in the /etc/yum.conf file. This
enables GPG checks for all packages installed locally with
yum.
Setting security_enable_gpgcheck_packages_local to
no will skip the no-debsig adjustment on
Ubuntu and it will set local_gpgcheck=0 in
/etc/yum.conf on CentOS systems.