Product SiteDocumentation Site

Setting the verification flags

Starting with rpm 4.1, package files are verified automatically, which can cause problems, especially if you are working with older packages, or packages without proper digital signatures.
In most cases, the automatic verification is an advantage, since you can have greater confidence in the package files. However, you can call setVSFlags on a transaction set to change the default behavior.
ts.setVSFlags(flags)
For example, if you have problems with old packages that do not have proper signatures, you can use code like the following to ignore such checks:
# Set to not verify DSA signatures.
ts.setVSFlags(rpm.RPMVSF_NODSA)
Table 17-3 lists the flags you can pass to setVSFlags on a transaction set. These flags are bitmasks. You can or them together for more than one setting. You must do a binary or. Do not use the Python or keyword. Use | instead, for a binary or operation.
Table 17-3 Flags for setVSFlags
Flag
Meaning
rpm.RPMVSF_NEEDPAYLOAD
Leave the file handle positions at the beginning of the payload.
rpm.RPMVSF_NOHDRCHK
Don’t check the RPM database header.
rpm.RPMVSF_ NODSA
Don’t check the header and payload DSA signatures.
rpm.RPMVSF_ NODSAHEADER
Don’t check the header DSA signature.
rpm.RPMVSF_ NOMD5
Don’t check the header and payload MD5 digests.
rpm.RPMVSF_ NORSA
Don’t check the header and payload RSA signatures.
rpm.RPMVSF_ NOSHA1HEADER
Don’t check the header SHA1 digest.
rpm._RPMVSF_NODIGESTS
Convenience to not check digests.
rpm._RPMVSF_NOSIGNATURES
Convenience to not check signatures.
To turn off all checks, you can pass –1 to setVSFlags:
ts.setVSFlasgs(-1)