[DOCS-7370] Add rpm signature verification to rpm package installation docs Created: 08/Mar/16 Updated: 11/Jan/17 Resolved: 17/Mar/16 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | manual |
| Affects Version/s: | None |
| Fix Version/s: | 01112017-cleanup |
| Type: | Task | Priority: | Minor - P4 |
| Reporter: | Ernie Hershey | Assignee: | Andrew Aldridge |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Days since reply: | 7 years, 47 weeks, 6 days ago | ||||||||
| Description |
|
We've been signing RPM's since https://jira.mongodb.org/browse/SERVER-8770 - in 3.0.8+ so we should change the rpm installation docs for redhat, suse, amazon linux, for both community and enterprise, to include gpgcheck=1 and include instructions for importing our public keys. For example here we imply our packages aren't signed and don't mention verification or importing the public key - And here we mention it - |
| Comments |
| Comment by Githook User [ 17/Mar/16 ] |
|
Author: {u'username': u'i80and', u'name': u'Andrew Aldridge', u'email': u'i80and@foxquill.com'}Message: Signed-off-by: kay <kay.kim@10gen.com> |
| Comment by Andrew Aldridge [ 17/Mar/16 ] |
|
Zypper support will be handled in |
| Comment by Ernie Hershey [ 11/Mar/16 ] |
|
We need to add a step to package publlishing that signs the repo metadata. I'm surprised redhat doesn't have the same requirement. I opened BUILD-1340 to track doing that. |