For RPM packages, there is no separate signature. 对于RPM包,没有单独的签名。RPM packages have a built-in GPG signature and MD5 checksum. You can verify a package by running the following command:RPM包具有内置的GPG签名和MD5校验和。您可以通过运行以下命令来验证包:
shell> rpm --checksig package_name.rpm
Example:实例
shell> rpm --checksig MySQL-server-8.0.25-0.linux_glibc2.5.i386.rpm
MySQL-server-8.0.25-0.linux_glibc2.5.i386.rpm: md5 gpg OK
If you are using RPM 4.1 and it complains about 如果您使用的是RPM 4.1,它抱怨(GPG) NOT OK (MISSING KEYS: GPG#5072e1f5), even though you have imported the MySQL public build key into your own GPG keyring, you need to import the key into the RPM keyring first. (GPG) NOT OK (MISSING KEYS: GPG#5072e1f5),即使您已经将MySQL公共构建密钥导入到自己的GPG密钥环中,您也需要首先将密钥导入到RPM密钥环中。RPM 4.1 no longer uses your personal GPG keyring (or GPG itself). Rather, RPM maintains a separate keyring because it is a system-wide application and a user's GPG public keyring is a user-specific file. RPM 4.1不再使用您的个人GPG钥匙圈(或GPG本身)。相反,RPM维护一个单独的密钥环,因为它是一个系统范围的应用程序,而用户的GPG公共密钥环是一个用户特定的文件。To import the MySQL public key into the RPM keyring, first obtain the key, then use rpm --import to import the key. For example:要将MySQL公钥导入RPM密钥环,首先获取密钥,然后使用rpm --import导入密钥。例如
shell> gpg --export -a 5072e1f5 > 5072e1f5.asc shell> rpm --import 5072e1f5.asc
Alternatively, rpm also supports loading the key directly from a URL, and you can use this manual page:或者,rpm还支持直接从URL加载密钥,您可以使用此手册页:
shell> rpm --import https://dev.mysql.com/doc/refman/8.0/en/checking-gpg-signature.html
If you need to obtain the MySQL public key, see Section 2.1.4.2, “Signature Checking Using GnuPG”.如果您需要获取MySQL公钥,请参阅第2.1.4.2节,“使用GnuPG进行签名检查”。