repo-add -v something.db.tar.xz (no packages to add) works without complaint. But then if I run it again, it says “bad signature”. This is quite befuddling. Suggestion: disallow the invocation above, on the grounds that -v is not a standalone verify operation (which I originally thought it was) but one that is supposed to verify the db before actually adding something. Or allow the invocation, and make it a standalone verification operation that does not change the tar file or the signature. My $0.02 Cheers, Johannes. Johannes Ernst upon2020.com <http://upon2020.com/> @Johannes_Ernst GPG: http://upon2020.com/public/pubkey.txt <http://upon2020.com/public/pubkey.txt> Check out UBOS, the Linux distro for personal servers I work on: http://ubos.net/ <http://ubos.net/>