Fedora – How to Add RPM Fusion and Livna Repositories

dnf fedora multimedia yum

RPM Fusion and Livna are common third party package repositories for Fedora. You need them if you want to install media players, codecs and/or DVD playback libraries that are not part of the primary Fedora repository because of assumed issues like distribution licensing or similar.

Thus my question: how do I enable them in Fedora (>= 17)?

2018 update: For the last years, the raison d'être for the Livna repository was the fact that it hosted the libdvdcss package. All previous other Livna packages were migrated to rpmfusion years ago. Since 2018, rpmfusion created the free tainted rpmfusion repository, which does include libdvdcss. They also provided an upgrade package that automatically removed any livna release package.

Thus, there isn't any use for Livna now. As a cautionary measure, it shouldn't be trusted anymore, in case the Livna domain expires and then is obtained by some domain grabber.

Best Answer

For RPM Fusion (free repository):

Get the release rpm:

$ curl -O https://download1.rpmfusion.org/free/fedora/\
rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm

Check the archive's integrity via:

$ rpm --checksig rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm

Which should fail with:

[..] MISSING KEYS: GPG#KEY_ID [..]

Add key to your gpg keyring for checking:

$ gpg --keyserver pgp.mit.edu --recv-keys KEY_ID 

In case the key is not available on a keyserver you have to download it from the rpmfusion key page:

$ curl -o RPM-GPG-KEY-rpmfusion-free-fedora-$(rpm -E %fedora) \
    "https://rpmfusion.org/\
keys?action=AttachFile&do=get&target=\
RPM-GPG-KEY-rpmfusion-free-fedora-$(rpm -E %fedora)"

Compare the fingerprint with the published information on the RPM Fusion key site, via a web-search and possibly check the web of trust:

$ gpg --fingerprint KEY_ID

If successful make the key known to rpm:

$ gpg --export -a KEY_ID \
    > RPM-GPG-KEY-rpmfusion-free-fedora-$(rpm -E %fedora)
# rpm --import RPM-GPG-KEY-rpmfusion-free-fedora-$(rpm -E %fedora)

Check the integrity of the package for real:

$ rpm --checksig rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm

If it is ok install it:

# dnf install rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm

This will create config files under /etc/yum.repos.d/ and key files under /etc/pki/rpm-gpg.

Note that the # means that you have to execute those commands as root.

After this, enabling other rpmfusion repositories like nonfree or free tainted is just an install command away. For example:

# dnf install rpmfusion-free-release-tainted

This is secure, as this release package is signed by the previously verified packaging gpg key.

Fingerprint

As of the time of this writing, the rpmfusion Fedora 29 GPG key has the following fingerprint:

BD12 7385 C312 090F F2F3 5FA1 1191 A7C4 42F1 9ED0
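
The fingerprint comparison from the answer above can be scripted so that a downloaded key file reaches `rpm --import` only when it matches a pinned value. This is an added example, not part of the original answer: the function names and the sample listing are constructed, and the pinned fingerprint is the Fedora 29 one quoted above.

```shell
#!/bin/sh
# Added example: import an RPM Fusion key into rpm only if its primary
# fingerprint matches a pinned value. Function names are hypothetical.

# Fedora 29 fingerprint as quoted in the answer; for any other release,
# replace it with the value published on the RPM Fusion key page.
EXPECTED_FPR='BD12 7385 C312 090F F2F3 5FA1 1191 A7C4 42F1 9ED0'

# Constructed sample of `gpg --with-colons` output (timestamp and uid made up).
SAMPLE_LISTING='pub:-:4096:1:1191A7C442F19ED0:1534000000:::-:::scSC::::::23::0:
fpr:::::::::BD127385C312090FF2F35FA11191A7C442F19ED0:
uid:-::::1534000000::0000::Constructed sample uid::::::::::0:'

# Strip whitespace and upper-case, so "bd12 7385 ..." equals "BD127385...".
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | tr 'abcdef' 'ABCDEF'
}

# Read a colon listing on stdin and print the primary key fingerprint.
# Fails unless the listing holds exactly one primary key: rpm --import
# would import every key in the file, not just the one that was checked.
primary_fpr() {
    awk -F: '
        $1 == "pub"         { pubs++; want = 1; next }
        $1 == "fpr" && want { fpr = $10; want = 0 }
        END { if (pubs != 1 || fpr == "") exit 1; print fpr }'
}

# $1 = colon listing, $2 = expected fingerprint (any spacing or case).
fpr_matches() {
    got=$(printf '%s\n' "$1" | primary_fpr) || return 1
    [ "$(normalize_fpr "$got")" = "$(normalize_fpr "$2")" ]
}

# $1 = key file. Lists the file without importing it into a gpg keyring,
# then imports it into rpm (needs root) only when the fingerprint matches.
verify_and_import() {
    listing=$(gpg --show-keys --with-colons "$1") || return 1
    if ! fpr_matches "$listing" "$EXPECTED_FPR"; then
        echo "fingerprint mismatch, not importing $1" >&2
        return 1
    fi
    rpm --import "$1"
}

if [ "$#" -eq 1 ]; then verify_and_import "$1"; fi
```

Run it as root with the downloaded key file as its only argument; a mismatch, or a file carrying more than one primary key, leaves the rpm keyring untouched.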