On Tue, Jan 22, 2008 at 06:32:14PM +0100, Michael Schroeder wrote:
On Tue, Jan 22, 2008 at 06:17:54PM +0100, Manfred Hollstein wrote:
Will these new keys be made publicly available/known to GPG key servers? This would be needed for some other package management tools (like apt-get). Right now, I cannot install the new packages from the mozilla/openSUSE-10.2 repository any more :-( Yes, I have run the command
rpm --import http://download.opensuse.org/repositories/mozilla/openSUSE_10.2/repodata/rep...
but checking the sigs still complains:
rpm -qp /var/cache/apt/archives/mozilla-xulrunner181_1.8.1.11-2.2_i586.rpm -K /var/cache/apt/archives/mozilla-xulrunner181_1.8.1.11-2.2_i586.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#06213bd4)
Hmm, it shouldn't:
$ curl -q http://download.opensuse.org/repositories/mozilla/openSUSE_10.2/repodata/rep... | gpg --list-packets [...] :user ID packet: "mozilla OBS Project
" :signature packet: algo 1, keyid 9D34EC9606213BD4 [...] Maybe the redirector redirected to some outdated file?
I'd rule that out, since (in the /repositories tree) we don't redirect for files matching '.xml'. I actually grepped the logs a minute ago, because I am too stupid too read regular expressions...
Cheers, Michael.
Peter -- "WARNING: This bug is visible to non-employees. Please be respectful!" SUSE LINUX Products GmbH Research & Development