While adding a departmental DNF software repository on a RHEL-based host, a security policy requires the system to verify the GPG signature of the repository's metadata (for example the repomd.xml file) before any packages are processed. Which single option must be set to 1 in the repository's .repo stanza to enable this check?
The repo_gpgcheck option controls whether DNF verifies the GPG signature that accompanies the repository's metadata. Setting repo_gpgcheck=1 causes DNF to look for a signed repomd.xml.asc file and refuse the repository if that signature cannot be validated. The gpgcheck option instead validates individual RPM package signatures, gpgkey only provides the URL of the key file, and sslverify relates to TLS certificate verification-none of those alone enforce metadata-signature validation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of GPG signature verification in a repository?
Open an interactive chat with Bash
How is 'repo_gpgcheck=1' different from 'gpgcheck=1'?
Open an interactive chat with Bash
What is the role of the gpgkey option in a .repo file?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Services and User Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access