-->
Page 100
You'll probably never have to use it, but the -vv option will give you insights into how RPM verifies packages. Here's an example:
# rpm -Kvv rpm-2.3-1.i386.rpm D: New Header signature D: magic: 8e ad e8 01 D: got : 8e ad e8 01 D: Signature size: 236 D: Signature pad : 4 D: sigsize : 240 D: Header + Archive: 278686 D: expected size : 278686 rpm-2.3-1.i386.rpm: Header+Archive size OK: 278686 bytes Good signature from user "Red Hat Software, Inc. <[email protected]>". Signature made 1996/12/24 18:37 GMT using 1024-bit key, key ID CBA29BF9
WARNING: |
Because this public key is not certified with a trusted signature, it is not known with high confidence that this public key actually belongs to: "Red Hat Software, Inc. <[email protected]>". MD5 sum OK: 8873682c5e036a307dee87d990e75349 # |
The lines starting with D: represent extra output produced by the -vv option. This output is normally used by software developers in the course of adding new features to RPM and is subject to change, but there's no law against looking at it.
Briefly, the output shows that RPM has detected a new-style signature block, containing size, MD5 checksum, and PGP signature information. The size of the signature, the size of the package file's header and archive sections, and the expected size of those sections are all displayed.
The --rcfile option is used to specify a file containing default settings for RPM. Normally, this option is not needed. By default, RPM uses /etc/rpmrc and a file named .rpmrc located in your login directory.
This option would be used if there were a need to switch between several sets of RPM defaults. Software developers and package builders will normally be the only people using the --rcfile option. For more information on rpmrc files, see Appendix B.