tracker: F45 change: Enforcing RPM signature checking by default

Fedora 44 introduces the system‑wide change [Enforcing signature checking by default](https://fedoraproject.org/wiki/Changes/Enforcing_signature_checking_by_default), which tightens RPM’s default package verification behavior (via `%_pkgverify_level` and related settings). In the 2025-12-10 community meeting, we identified this as potentially impacting rpm-ostree layering. We need to ensure rpm-ostree continues to work correctly with the new defaults, especially for:

  - Layering packages from Fedora’s signed repositories.                                                                                                                                            
  - The behavior and support expectations around layering custom/unsigned RPMs.

---

- Fedora Change: https://fedoraproject.org/wiki/Changes/Enforcing_signature_checking_by_default
- **Upstream tracker (rpm-osree):** https://github.com/coreos/rpm-ostree/issues/5540

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tracker: F45 change: Enforcing RPM signature checking by default #2085

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

tracker: F45 change: Enforcing RPM signature checking by default #2085

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions