FC3T2 up2date - <package> is not signed with a GPG signature
Michael Jenkins
mike at salemiu.edu
Tue Sep 28 07:57:42 UTC 2004
When doing an up2date on a package, I get the following:
[root at localhost /etc/sysconfig/rhn]$ up2date hdparm
Fetching Obsoletes list for channel: fedora-core-rawhide...
Fetching rpm headers...
########################################
Name Version Rel
----------------------------------------------------------
hdparm 5.7 2
i386
Testing package set / solving RPM inter-dependencies...
########################################
hdparm-5.7-2.i386.rpm: ########################## Done.
The package hdparm-5.7-2 is not signed with a GPG signature. Aborting...
Package hdparm-5.7-2 does not have a GPG signature.
Aborting...
I've imported all these keys:
[root at localhost /usr/share/doc/up2date-4.3.40]$ locate RPM-GPG
/usr/share/doc/rpm-4.3.2/RPM-GPG-KEY
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY-rawhide
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY-fedora-test
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY-fedora
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY-fedora-rawhide
/usr/share/doc/fedora-release-2.91/RPM-GPG-KEY-beta
/usr/share/rhn/RPM-GPG-KEY
/usr/share/rhn/BETA-RPM-GPG-KEY
/usr/share/rhn/RPM-GPG-KEY-fedora-test
/usr/share/rhn/RPM-GPG-KEY-fedora
I've commented out the line in /etc/sysconfig/rhn/sources for the yum-mirror
and added the following:
yum fedora-core-rawhide
http://mirror.hiwaay.net/redhat/fedora/linux/core/development/$ARCH/
I've gone to this site and imported all of its RPM-GPG keys...
Still same issue, the thing that kills me is that I can do a rpm -Kv or
rpm --checksig against the RPM that was put in /var/spool/up2date but not
installed and get:
[root at localhost /var/spool/up2date]$ rpm -Kv hdparm-5.7-2.i386.rpm
hdparm-5.7-2.i386.rpm:
Header SHA1 digest: OK (0115990d6b8e85627bdf24a1f7f8f74627ea5a2b)
MD5 digest: OK (9621b9025c6538da72605fade8d028ed)
[root at localhost /var/spool/up2date]$ rpm --checksig hdparm-5.7-2.i386.rpm
hdparm-5.7-2.i386.rpm: sha1 md5 OK
I've manually updated up2date to try and fix this, however same issue, the
release is:
[root at localhost ~]$ rpm -q up2date
up2date-4.3.40-1
I can also run rpm -Uvh against these, and they install fine, so it must be
something with up2date. After looking at the source in
/usr/share/rhn/up2date_client, this error is a result of hasBadSignature
returning 1, which after looking in up2date.py for hasBadSignature, it only
returns 1 for a package with a header with no gpg signature? I've never
coded in python, so I could be completely wrong on that assessment.
I've read some board posts that people say the development updates aren't
signed, but how does rpm --checksig return OK then? Maybe I'm being
paranoid about these packages having proper signatures, and could get around
this using up2date --nosigs, but doesn't that defeat the point? I'm just
wondering if anyone has found a fix for this issue, or am I just better off
using yum? Thanks.
Mike
More information about the fedora-test-list
mailing list