Unsigned package
Jon Ciesla
limb at jcomserv.net
Thu Jun 7 19:00:52 UTC 2007
> On Thursday 07 June 2007 14:08:06 Jon Ciesla wrote:
>> Trying to upgrade, yum complains:
>> Package scons-0.97-2.fc7.noarch.rpm is not signed
>>
>> This is from my local mirror, but the one from two other official
>> mirrors
>> and d.f.r.c match it.
>>
>> rpm --checksig on all of these yields:
>>
>> scons-0.97-2.fc7.noarch.rpm: sha1 md5 OK
>>
>> Huh?
>>
>> Jon
>>
>> --
>> novus ordo absurdum
>
> A few unsigned packages leaked out in the tree due to some tools errors
> and
> oversight. I have a new tree with signed packages and new repodata for
> the
> signed packages that I'll be uploading at some point today (once my day of
> meetings is over). There is some impact on users.
>
> Yum caches metadata (and packages) for a period of time (30 minutes). So
> changing the package checksum without changing the NVR can have some
> impact:
>
> With a warm cache, and no package in cache, it'll say your package doesn't
> match checksum. With a warm cache and a already cached (unsigned)
> package,
> it'll say the package is unsigned. Once cache expires, it Just Works(tm).
> This only effects the unsigned packages in the tree, all other operations
> on
> signed packages will be fine.
So, try again tomorrow. :) Ok. Thanks. :)
> --
> Jesse Keating
> Release Engineer: Fedora
> --
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
--
novus ordo absurdum
More information about the fedora-devel-list
mailing list