[Yum-devel] signature checking issue if key is installed during session
seth vidal
skvidal at fedoraproject.org
Fri Feb 8 01:53:57 UTC 2008
On Thu, 2008-02-07 at 16:06 +0100, Hans-Peter Jansen wrote:
> Hi again,
>
> I want to report a rather long standing problem with signature checking:
> if the key is given via a gpgkey= option and gets installed during the
> session, yum still fails with a "not installed" error:
>
> Downloading Packages:
> warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID bbad14ef
> Importing GPG key 0xBBAD14EF "OpenOffice.org OBS Project
> <OpenOffice.org at build.opensuse.org>" from
> http://download.opensuse.org/repositories/OpenOffice.org:/STABLE/openSUSE_10.2/repodata/repomd.xml.key
> Is this ok [y/N]: y
>
>
> Public key for OpenOffice_org-kde-2.3.1.2-1.2.i586.rpm is not installed
>
> Looking into it, could this be related with rpmUtils.miscutils.checkSig()
> running under a self.rpmdb.readOnlyTS() in yum/__init__.py?
>
> I would understand the read only transaction as non modifiable, and
> installing a key is a modification. But that doesn't explain, why yum
> doesn't complain about a missing key on the next run..
>
> Is this a well known problem?
Never even remotely heard of it.
Can you make sure you have all the keys installed in the rpmdb with:
rpm -qa gpg-pubkey
then check the package OpenOffice_org-kde-2.3.1.2-1.2.i586.rpm with:
rpm -K -v OpenOffice_org-kde-2.3.1.2-1.2.i586.rpm
thanks,
-sv
More information about the Yum-devel
mailing list