diff --git a/CHANGES b/CHANGES
index b22b37859..ef38fd6a2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -97,6 +97,7 @@
 	- splint annotationsm, signature cleanup.
 	- drill ts/fi through verify mode, add methods to keep fi abstract.
 	- use mmap when calculating file digests on verify, ~20% faster.
+	- permit --dbpath and --root with signature (i.e. --import) modes.
 
 4.0.3 -> 4.0.4:
 	- solaris: translate i86pc to i386 (#57182).
diff --git a/lib/poptQV.c b/lib/poptQV.c
index cbfa2edeb..85469dc5d 100644
--- a/lib/poptQV.c
+++ b/lib/poptQV.c
@@ -121,9 +121,6 @@ struct poptOption rpmQVSourcePoptTable[] = {
 	N_("query the package(s) triggered by the package"), "PACKAGE" },
  { "verify", 'V', POPT_ARGFLAG_DOC_HIDDEN, NULL, 'V',
 	N_("rpm verify mode"), NULL },
-/**@todo Eliminate -y option. */
- { NULL, 'y',  POPT_ARGFLAG_DOC_HIDDEN, NULL, 'V',
-	N_("rpm verify mode (legacy)"), NULL },
  { "whatrequires", '\0', 0, 0, POPT_WHATREQUIRES, 
 	N_("query/verify the package(s) which require a dependency"), "CAPABILITY" },
  { "whatprovides", '\0', 0, 0, POPT_WHATPROVIDES, 
@@ -278,10 +275,10 @@ struct poptOption rpmVerifyPoptTable[] = {
         N_("don't verify signature(s)"), NULL },
 
 /** @todo Add --nogpg/--nopgp aliases to rpmpopt, eliminate. */
- { "nogpg", '\0', POPT_BIT_SET,
+ { "nogpg", '\0', POPT_BIT_SET|POPT_ARGFLAG_DOC_HIDDEN,
 	&rpmQVKArgs.qva_flags, VERIFY_SIGNATURE,
         N_("don't verify GPG V3 DSA signature(s)"), NULL },
- { "nopgp", '\0', POPT_BIT_SET,
+ { "nopgp", '\0', POPT_BIT_SET|POPT_ARGFLAG_DOC_HIDDEN,
 	&rpmQVKArgs.qva_flags, VERIFY_SIGNATURE,
         N_("don't verify PGP V3 RSA/MD5 signature(s)"), NULL },
 
@@ -298,13 +295,13 @@ struct poptOption rpmSignPoptTable[] = {
 	rpmQVSourceArgCallback, 0, NULL, NULL },
 /*@=type@*/
  { "addsign", '\0', 0, NULL, 'A',
-	N_("sign a package, preserving digests"), NULL },
+	N_("sign a packagei (identical to --resign)"), NULL },
  { "checksig", 'K', POPT_ARGFLAG_DOC_HIDDEN, NULL, 'K',
 	N_("verify package signature(s)"), NULL },
  { "import", '\0', POPT_ARGFLAG_DOC_HIDDEN, NULL, 'I',
 	N_("import an armored public key"), NULL },
  { "resign", '\0', 0, NULL, 'R',
-	N_("sign a package, recomputing digests"), NULL },
+	N_("sign a packagei (identical to --addsign)"), NULL },
  { "sign", '\0', POPT_ARGFLAG_DOC_HIDDEN, &rpmQVKArgs.sign, 0,
 	N_("generate signature"), NULL },
 
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 03076223d..ac656d6e4 100644
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -16,8 +16,8 @@
 #include "misc.h"	/* XXX for makeTempFile() */
 #include "debug.h"
 
-/*@access rpmTransactionSet @*/	/* ts->rpmdb, ts->id */
-/*@access Header @*/		/* XXX compared with NULL */
+/*@access rpmTransactionSet @*/	/* ts->rpmdb, ts->id, ts->dig et al */
+/*?access Header @*/		/* XXX compared with NULL */
 /*@access FD_t @*/		/* XXX stealing digests */
 /*@access pgpDig @*/
 
@@ -302,6 +302,7 @@ exit:
 
 /** \ingroup rpmcli
  * Import public key(s).
+ * @todo Implicit --update policy for gpg-pubkey headers.
  * @param ts		transaction set
  * @param qva		mode flags and parameters
  * @param argv		array of pubkey file names (NULL terminated)
@@ -832,9 +833,8 @@ int rpmVerifySignatures(QVA_t qva, rpmTransactionSet ts, FD_t fd,
     return res;
 }
 
-int rpmcliSign(QVA_t qva, const char ** argv)
+int rpmcliSign(rpmTransactionSet ts, QVA_t qva, const char ** argv)
 {
-    rpmTransactionSet ts;
     const char * arg;
     int dbmode = (qva->qva_mode != RPMSIGN_IMPORT_PUBKEY)
 		? O_RDONLY : (O_RDWR | O_CREAT);
@@ -843,7 +843,6 @@ int rpmcliSign(QVA_t qva, const char ** argv)
 
     if (argv == NULL) return res;
 
-    ts = rpmtransCreateSet(NULL, NULL);
     xx = rpmtsOpenDB(ts, dbmode);
     if (xx != 0)
 	return -1;
@@ -875,8 +874,5 @@ int rpmcliSign(QVA_t qva, const char ** argv)
 	if (fd != NULL) xx = Fclose(fd);
     }
 
-    ts->dig = pgpFreeDig(ts->dig);	/* XXX just in case */
-    ts = rpmtransFree(ts);
-
     return res;
 }
diff --git a/lib/rpmcli.h b/lib/rpmcli.h
index bbdba0010..4242aae61 100644
--- a/lib/rpmcli.h
+++ b/lib/rpmcli.h
@@ -580,6 +580,8 @@ typedef /*@abstract@*/ struct IDTindex_s {
 /** \ingroup rpmcli
  * Rollback transactions, erasing new, reinstalling old, package(s).
  * @param ts		transaction set
+ * @param ia		mode flags and parameters
+ * @param argv		array of arguments (NULL terminated)
  * @return		0 on success
  */
 int rpmRollback(rpmTransactionSet ts, struct rpmInstallArguments_s * ia,
@@ -649,14 +651,15 @@ extern struct poptOption rpmSignPoptTable[];
 
 /** \ingroup rpmcli
  * Create/Modify/Check elements from signature header.
+ * @param ts		transaction set
  * @param qva		mode flags and parameters
- * @param argv		array of package file names (NULL terminated)
+ * @param argv		array of arguments (NULL terminated)
  * @return		0 on success
  */
-int rpmcliSign(QVA_t qva, /*@null@*/ const char ** argv)
+int rpmcliSign(rpmTransactionSet ts, QVA_t qva, /*@null@*/ const char ** argv)
 	/*@globals RPMVERSION, rpmGlobalMacroContext,
 		fileSystem, internalState @*/
-	/*@modifies qva, rpmGlobalMacroContext,
+	/*@modifies ts, qva, rpmGlobalMacroContext,
 		fileSystem, internalState @*/;
 
 /*@}*/
diff --git a/popt/popthelp.c b/popt/popthelp.c
index 17adc6f2b..07fae0933 100644
--- a/popt/popthelp.c
+++ b/popt/popthelp.c
@@ -247,6 +247,7 @@ static void singleOptionHelp(FILE * fp, int maxLeftCol,
 	    case POPT_ARG_NONE:
 		break;
 	    case POPT_ARG_VAL:
+#ifdef	NOTNOW	/* XXX pug ugly nerdy output */
 	    {	long aLong = opt->val;
 		int ops = (opt->argInfo & POPT_ARGFLAG_LOGICALOPS);
 		int negate = (opt->argInfo & POPT_ARGFLAG_NOT);
@@ -274,7 +275,9 @@ static void singleOptionHelp(FILE * fp, int maxLeftCol,
 		le += sprintf(le, (ops ? "0x%lx" : "%ld"), aLong);
 		/*@=formatconst@*/
 		*le++ = ']';
-	    }	break;
+	    }
+#endif
+		break;
 	    case POPT_ARG_INT:
 	    case POPT_ARG_LONG:
 	    case POPT_ARG_FLOAT:
diff --git a/python/rpmmodule.c b/python/rpmmodule.c
index 379b4ac1c..fb16a1efe 100644
--- a/python/rpmmodule.c
+++ b/python/rpmmodule.c
@@ -2391,16 +2391,19 @@ static PyObject * checkSig (PyObject * self, PyObject * args) {
     int rc = 255;
 
     if (PyArg_ParseTuple(args, "si", &filename, &flags)) {
-	const char *av[2];
-	QVA_t ka = alloca(sizeof(*ka));
-	memset(ka, 0, sizeof(*ka));
+	rpmTransactionSet ts;
+	const char * av[2];
+	QVA_t ka = memset(alloca(sizeof(*ka)), 0, sizeof(*ka));
+
 	av[0] = filename;
 	av[1] = NULL;
 	ka->qva_mode = 'K';
 	ka->qva_flags = (VERIFY_DIGEST|VERIFY_SIGNATURE);
 	ka->sign = 0;
 	ka->passPhrase = NULL;
-	rc = rpmcliSign(ka, av);
+	ts = rpmtransCreateSet(NULL, NULL);
+	rc = rpmcliSign(ts, ka, av);
+	rpmtransFree(ts);
     }
     return Py_BuildValue("i", rc);
 }
diff --git a/rpm.spec.in b/rpm.spec.in
index 6d79e1996..d13b0aa83 100644
--- a/rpm.spec.in
+++ b/rpm.spec.in
@@ -529,6 +529,7 @@ fi
 - splint annotationsm, signature cleanup.
 - drill ts/fi through verify mode, add methods to keep fi abstract.
 - use mmap when calculating file digests on verify, ~20% faster.
+- permit --dbpath and --root with signature (i.e. --import) modes.
 
 * Mon Sep 24 2001 Jeff Johnson <jbj@redhat.com>
 - Start rpm-4.1.
diff --git a/rpmpopt.in b/rpmpopt.in
index b02f09cb7..5bd5fdb3d 100644
--- a/rpmpopt.in
+++ b/rpmpopt.in
@@ -254,6 +254,14 @@ rpmk	alias --ftpproxy	--define '_ftpproxy !#:+'
 rpmk	alias --httpport	--define '_httpport !#:+'
 rpmk	alias --httpproxy	--define '_httpproxy !#:+'
 #==============================================================================
+rpmsign	alias --dbpath		--define '_dbpath !#:+' \
+	--POPTdesc=$"use <dir> as the directory for the database" \
+	--POPTargs=$"<dir>"
+rpmsign	alias --ftpport		--define '_ftpport !#:+'
+rpmsign	alias --ftpproxy	--define '_ftpproxy !#:+'
+rpmsign	alias --httpport	--define '_httpport !#:+'
+rpmsign	alias --httpproxy	--define '_httpproxy !#:+'
+#==============================================================================
 rpmq	alias --dbpath		--define '_dbpath !#:+' \
 	--POPTdesc=$"use <dir> as the directory for the database" \
 	--POPTargs=$"<dir>"
@@ -326,6 +334,78 @@ rpmq	alias --last --qf '%|INSTALLTIME?{%{INSTALLTIME}}:{000000000}| %{NAME}-%{VE
 rpmq	alias --filesbypkg --qf '[%-25{=NAME} %{FILENAMES}\n]' \
 	--POPTdesc=$"list all files from each package"
 #==============================================================================
+rpmquery	alias --dbpath		--define '_dbpath !#:+' \
+	--POPTdesc=$"use <dir> as the directory for the database" \
+	--POPTargs=$"<dir>"
+rpmquery	alias --ftpport		--define '_ftpport !#:+'
+rpmquery	alias --ftpproxy	--define '_ftpproxy !#:+'
+rpmquery	alias --httpport	--define '_httpport !#:+'
+rpmquery	alias --httpproxy	--define '_httpproxy !#:+'
+
+rpmquery	alias --scripts --qf '\
+%|PREIN?{preinstall scriptlet\
+%|PREINPROG?{ (through %{PREINPROG})}|:\n%{PREIN}\n}:\
+{%|PREINPROG?{preinstall program: %{PREINPROG}\n}|}|\
+\
+%|POSTIN?{postinstall scriptlet\
+%|POSTINPROG?{ (through %{POSTINPROG})}|:\n%{POSTIN}\n}:\
+{%|POSTINPROG?{postinstall program: %{POSTINPROG}\n}|}|\
+\
+%|PREUN?{preuninstall scriptlet\
+%|PREUNPROG?{ (through %{PREUNPROG})}|:\n%{PREUN}\n}:\
+{%|PREUNPROG?{preuninstall program: %{PREUNPROG}\n}|}|\
+\
+%|POSTUN?{postuninstall scriptlet\
+%|POSTUNPROG?{ (through %{POSTUNPROG})}|:\n%{POSTUN}\n}:\
+{%|POSTUNPROG?{postuninstall program: %{POSTUNPROG}\n}|}|\
+\
+%|VERIFYSCRIPT?{verify scriptlet:\n%{VERIFYSCRIPT}\n}|\
+' \
+	--POPTdesc=$"list install/erase scriptlets from package(s)"
+
+rpmquery	alias --conflicts	--qf \
+  "[%{CONFLICTNAME} %{CONFLICTFLAGS:depflags} %{CONFLICTVERSION}\n]" \
+	--POPTdesc=$"list capabilities this package conflicts with"
+rpmquery	alias --obsoletes	--qf \
+  "[%{OBSOLETENAME} %|OBSOLETEFLAGS?{%{OBSOLETEFLAGS:depflags} %{OBSOLETEVERSION}}:{}|\n]" \
+	--POPTdesc=$"list other packages removed by installing this package"
+rpmquery	alias --provides	--qf \
+  "[%{PROVIDENAME} %|PROVIDEFLAGS?{%{PROVIDEFLAGS:depflags} %{PROVIDEVERSION}}:{}|\n]" \
+	--POPTdesc=$"list capabilities that this package provides"
+
+rpmquery	alias --requires	--qf \
+  "[%{REQUIRENAME} %{REQUIREFLAGS:depflags} %{REQUIREVERSION}\n]" \
+	--POPTdesc=$"list capabilities required by package(s)"
+rpmquery	alias -R --requires
+
+rpmquery	alias --info --qf 'Name        : %-27{NAME}  Relocations: %|PREFIXES?{[%{PREFIXES} ]}:{(not relocateable)}|\n\
+Version     : %-27{VERSION}       Vendor: %{VENDOR}\n\
+Release     : %-27{RELEASE}   Build Date: %{BUILDTIME:date}\n\
+Install date: %|INSTALLTIME?{%-27{INSTALLTIME:date}}:{(not installed)         }|      Build Host: %{BUILDHOST}\n\
+Group       : %-27{GROUP}   Source RPM: %{SOURCERPM}\n\
+Size        : %-27{SIZE}%|LICENSE?{      License: %{LICENSE}}|\n\
+%|PACKAGER?{Packager    : %{PACKAGER}\n}|\
+%|URL?{URL         : %{URL}\n}|\
+Summary     : %{SUMMARY}\n\
+Description :\n%{DESCRIPTION}\n' \
+	--POPTdesc=$"list descriptive information from package(s)"
+
+rpmquery	alias --changelog --qf '[* %{CHANGELOGTIME:day} %{CHANGELOGNAME}\n\n%{CHANGELOGTEXT}\n\n]' \
+	--POPTdesc=$"list change logs for this package"
+
+rpmquery	alias --triggerscripts --qf '\
+[trigger%{TRIGGERTYPE} script (through %{TRIGGERSCRIPTPROG}) -- %{TRIGGERCONDS}\n\
+%{TRIGGERSCRIPTS}\n]'
+rpmquery	alias --triggers --triggerscripts \
+	--POPTdesc=$"list trigger scriptlets from package(s)"
+
+rpmquery	alias --last --qf '%|INSTALLTIME?{%{INSTALLTIME}}:{000000000}| %{NAME}-%{VERSION}-%{RELEASE} %|INSTALLTIME?{%{INSTALLTIME:date}}:{(not installed)}|\n' \
+	--pipe "sort -r -n | sed 's,^[0-9]\+ ,,' | awk '{printf(\"%-45s %-s\n\", $1, substr($0,length($1)+2))}' " \
+	--POPTdesc=$"list package(s) by install time, most recent first"
+
+rpmquery	alias --filesbypkg --qf '[%-25{=NAME} %{FILENAMES}\n]' \
+	--POPTdesc=$"list all files from each package"
+#==============================================================================
 rpmu	alias --dbpath		--define '_dbpath !#:+' \
 	--POPTdesc=$"use <dir> as the directory for the database" \
 	--POPTargs=$"<dir>"
diff --git a/rpmqv.c b/rpmqv.c
index e18817356..41c7eb7fc 100755
--- a/rpmqv.c
+++ b/rpmqv.c
@@ -71,7 +71,7 @@ enum modes {
 #define	MODES_FOR_DBPATH	(MODES_BT | MODES_IE | MODES_QV | MODES_DB)
 #define	MODES_FOR_NODEPS	(MODES_BT | MODES_IE | MODE_VERIFY)
 #define	MODES_FOR_TEST		(MODES_BT | MODES_IE)
-#define	MODES_FOR_ROOT		(MODES_BT | MODES_IE | MODES_QV | MODES_DB)
+#define	MODES_FOR_ROOT		(MODES_BT | MODES_IE | MODES_QV | MODES_DB | MODES_K)
 
 /*@-exportheadervar@*/
 /*@unchecked@*/
@@ -1139,7 +1139,7 @@ ia->probFilter |= RPMPROB_FILTER_OLDPACKAGE;
 	if (!poptPeekArg(optCon))
 	    argerror(_("no arguments given"));
 	ka->passPhrase = passPhrase;
-	ec = rpmcliSign(ka, (const char **)poptGetArgs(optCon));
+	ec = rpmcliSign(ts, ka, (const char **)poptGetArgs(optCon));
 	/* XXX don't overflow single byte exit status */
 	if (ec > 255) ec = 255;
     	break;