How can we utilize latest GPG from RPM repository?

Lightner, Jeffrey JLightner at
Thu Feb 15 16:06:00 CET 2018

What you’re missing is WHY you want a later upstream version.   Is there a specific feature you’re needing that isn’t in the one that comes with your distro?

You can’t have it both ways:  You want to stay on a stable distro/version which is the raison d’etre for RHEL/CentOS but want to have the latest package.    As I noted in my prior post you can get the latest of everything by abandoning CentOS in favor of Fedora at the expense of stability.    Your choice of distro is based on many factors.   Some people even build their own packages all from scratch because they don’t like any of the distros.

Not all packages have people that build rpm’s for them.   Many FOSS projects seem to prefer building for Debian or something else and MAY package it for whatever distro they like but some don’t package it for anything and expect you to do the legwork yourself.

In general if it isn’t in RHEL/CentOS I look for it in the EPEL.  If it isn’t there I almost always download the source then configure/compile it.   This isn’t really a difficult process for most packages.

There ARE other locations that MAY provide a package you want.   Have you looked at rpmfind?  rpmbone?

And of course YOU could create the rpm and share it on EPEL yourself so others will have it.

From: Gnupg-users [mailto:gnupg-users-bounces at] On Behalf Of helices
Sent: Thursday, February 15, 2018 9:10 AM
To: gnupg-users at
Subject: Re: How can we utilize latest GPG from RPM repository?

Yes, I know that.
In general, that scheme works well.
However, in another case, rsyslog, a certain function has been broken for many years, and the only fix is to track the developers' most recent versions. In that case, the developers maintain their own repository: ; which is easy to incorporate into: /etc/yum.repos.d/rsyslog.repo
We are hoping something similar is available for gnupg. I have not found that; which is the reason for my posts here.
What am I missing?
Please, advise. Thank you.

On Thu, Feb 15, 2018 at 7:56 AM, Lightner, Jeffrey <JLightner at<mailto:JLightner at>> wrote:
CentOS isn't a vendor.   It is a project that does binary compiles of RHEL sources.

RedHat is the vendor that creates RHEL and its source is used to make CentOS.   RHEL is supported by RedHat if you have a subscription.  CentOS has no direct support though RedHat hosts the project nowadays.

RHEL (and therefore CentOS) major versions such as 7 start with base upstream versions of packages.   RedHat modifies that base upstream package to backport bug and security fixes from later upstream packages if relevant to the original base.   They then add extended versioning to the RPM name.

For example on a test system I just looked at  "yum list gnupg2" shows:
Installed Packages
gnupg2.x86_64                  2.0.22-3.el7                   @anaconda/7.0
Available Packages
gnupg2.x86_64                  2.0.22-4.el7                   rhel-7-server-rpms

Notice the base upstream for both the installed and the available is 2.0.22 but the extended versioning is different (3.el7 vs 4.el7).   You'd have to examine the errata to see what is different about the latter.

In general unless there is a specific feature in upstream you need that is not in the RHEL/CentOS provided version you should use the RHEL/CentOS version on your RHEL/CentOS system.

If you really want the latest of everything you should use Fedora instead of CentOS.   Just be aware that Fedora is bleeding edge and releases a new version twice a year.   Generally that means you HAVE to do a full upgrade at least once a year as they won't offer updated packages for more than two major versions at a time.   For a Production environment that pace of upgrade is usually not desirable which is why people use RHEL/CentOS instead.

-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces at<mailto:gnupg-users-bounces at>] On Behalf Of Daniel Kahn Gillmor
Sent: Wednesday, February 14, 2018 5:31 PM
To: helices; gnupg-users at<mailto:gnupg-users at>
Subject: Re: How can we utilize latest GPG from RPM repository?

On Wed 2018-02-14 14:20:10 -0600, helices wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
> We want to move to v2.2.x, and stay current, but we don't want to
> download source and compile for dozens of systems.
> We want all users to be using the same version all of the time.

This sounds like a problem for your operating system and/or package manager.  GnuPG has a chain of build dependencies which often makes it difficult to just import directly from a single RPM.

If you were running a more recent operating system, you'd likely get something from the GnuPG "modern" branch as well anyway.

Perhaps you want to ask your operating system vendor what their recommendation is for "backports" of specific packages?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Gnupg-users mailing list