What are gpg-pubkey* packages?
The packages named gpg-pubkey*
are fake RPM packages to store and manage the rpm keys. The manpage rpmkeys(8) mention how to list and remove those keys. There is also a YUM addon (package yum-plugin-keys
):
$ yum keys
Key owner Key email Repo Key ID
CentOS-7 Key (CentOS 7 Official Signing Key) [email protected] installed f4a80eb5-53a7ff4b
Fedora EPEL (7) [email protected] installed 352c64e5-52ae6884
keys done
Alternatively, you can use RPM to list the keys in a compact view:
$ rpm -qa --scripts gpg-pubkey* --qf '%{Version}-%{Release} %{Packager}\n'
4a80eb5-53a7ff4b CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>
352c64e5-52ae6884 Fedora EPEL (7) <[email protected]>
When a key is imported by the system administrator (using rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
, rpmkeys
or yum install
) the fake package is created (read where does rpm install custom gpg keys?).
Removing those keys is a good idea, if you purged all packages from that packager/provider/repo, since it will prevent the system from installing or upgrading any package from that repo.
Removing those keys is a bad idea, if you haven't purged all packages from that packager/provider/repo, since it will prevent the system from installing or upgrading any package from that repo.
Related videos on Youtube
Franklin Piat
StackExchange is a great place to share knowledge. I use Unix and Linux, StackOverflow, ServerFault, AskUbuntu and others. Still I learn! (misattributed to Michelangelo, nice quote anyway).
Updated on September 18, 2022Comments
-
Franklin Piat over 1 year
I compared the packages list reported by RPM and YUM on a CentOS 6 and 7. I noticed the lists were slightly different (same issue with RHEL). See Listing installed packages with yum and rpm mismatch on how to compare theRPM and YUM lists). The difference was just packages named
gpg-pubkey
:$ rpm -qa gpg-pubkey* gpg-pubkey-f4a80eb5-53a7ff4b gpg-pubkey-352c64e5-52ae6884
What are those packages? where do they come from? Can I remove those packages?
-
Admin almost 8 years
-
Admin almost 8 years@maxschlepzig, see question <serverfault.com/q/573249/238995> , about where the key are stored.
-