linux yum - yum warning: rpmts_HdrFromFdno

【基本介绍】
在yum安装软件的时候有时候会报warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID*****.

【问题原因】
签名的作用就是为了验证包的完整性和可靠性。
In fact, all recently-produced package files will have these verification measures built in automatically. Older package files had only a PGP-based signature; if that was missing, there was nothing left to verify.
新的包在编译的时候都会自动添加验证信息。而旧包里面没有

【解决方法】

Digital  signatures  cannot  be  verified  without  a  public key.  An ASCII armored public key can be added to the rpm database using
       rpm --import PUBKEY ...

       rpm {--checksig} [--nosignature] [--nodigest]
           PACKAGE_FILE ...

       The  --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the pack-
       age. Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and  sig-
       natures associated with a package.

       Digital  signatures  cannot  be  verified  without  a  public key.  An ASCII armored public key can be added to the rpm database using
       --import. An imported public key is carried in a header, and key ring management is performed exactly  like  package  management.  For
       example, all currently imported public keys can be displayed by:

       rpm -qa gpg-pubkey*

       Details about a specific public key, when imported, can be displayed by querying.  Here鈥檚 information about the Red Hat GPG/DSA key:

       rpm -qi gpg-pubkey-db42a60e

       Finally, public keys can be erased after importing just like packages. Here鈥檚 how to remove the Red Hat GPG/DSA key

       rpm -e gpg-pubkey-db42a60e

rpm --import /etc/pki/rpm-gpg/RPM*

【参考引用】
[url]http://pandarabbit.blog.163.com/blog/static/209284144201241810300804/[/url]
[url]http://www.rpm.org/max-rpm/s1-rpm-checksig-using-rpm-k.html[/url]