[pacman-dev] Checking whether a package was signed
kachelaqa
kachelaqa at gmail.com
Sat Jan 21 15:48:34 EST 2012
On 21/01/12 19:57, Dan McGee wrote:
> On Sat, Jan 21, 2012 at 12:45 PM, kachelaqa<kachelaqa at gmail.com> wrote:
>> I'm still trying to get to grips with package signing, so this question may
>> not make complete sense, but:
>>
>> Is there a way to check whether the signature was verified when a package
>> was installed?
> No. However, -Si shows the presence of a signature and the various
> checksums (MD5, SHA256) in the database.
Okay, thanks.
Can I ask why this is? I would have expected there to be a least a log
message somewhere.
ISTM that many users might want to know which installed packages on
their systems have verified signatures, and which ones not. Would they
be misguided in seeking that information?
More information about the pacman-dev
mailing list