There’s been a fair bit of confusion about things with the change to sha256 checksums in yum/createrepo. Here’s a bit of a summary if you’re dealing with it and rhel5/centos5:

If you want to consume metadata created with sha256 checksums and you’re on el5 you need:

1. python-hashlib – rpms here:

2. yum 3.2.19 – in rhel5.3, coming soon on centos 5.3

That’s it!

If you want to generate metadata with sha256 checksums and you’re on el5 you need:

1. yum from rawhide 😦 – or wait for the upcoming yum 3.2.22 release – not likely to be driven to el5 itself.

2. createrepo from rawhide or wait for the upcoming 0.9.7 release. (You will have to upgrade your own createrepo from 0.4.X stock with el5 – changing to this version is unlikely inside el5 itself.)

3. python-hashlib

Hope this helps.

Reading planet gnome – I came across this post. It complains that the fedora desktop team is well, it’s kind of vague as to what the desktop team isn’t doing or not. And that’s neither here nor there. The part I’m interested in is from a comment by the author of the original post. Let me quote it here:

What is the fix, is there a fix? I don’t know, I certainly hope things can get better just by discussing openly, and yes I hold Fedora to higher standards that, say, Ubuntu, but be sure I also want the “Ubuntu blueprints” and their consequences, discussed with upstream GNOME.

I kinda like the line “I hold Fedora to higher standards tha[n], say, Ubuntu”.

So, to the fedora desktop team I’d like to say:   good for you for having people hold you to higher standards. People only say things like that when they have past experience to expect it. Clearly that means you’re doing things properly.