3 Sep
2008
3 Sep
'08
13:06
On Wed, Sep 03, Jan-Simon M?ller wrote: > Hi and moin moin ! > > I'm playing again with libzypp/python. > > See the test1.py (lots of comments, but i need to remember later :D). > > I've a local obs instance mirrored at http://localhost/. The repo is at > http://localhost/software_from_lire/base_factory/ > [DIR] Parent Directory - > [DIR] i586/ 03-Jul-2008 13:57 - > [DIR] noarch/ 03-Jul-2008 13:30 - > [DIR] nosrc/ 03-Jul-2008 13:26 - > [DIR] repodata/ 03-Jul-2008 13:57 - > [ ] software_from_lire.repo 03-Jul-2008 13:57 220 > [DIR] src/ > > In the repoinfo I set gpgCheck to False. > If I add this repoinfo it works, but then: > >>> myrepomanager.refreshMetadata(myrepoinfo) > Traceback (most recent call last): > File "", line 1, in > File "/home/dl9pf/pfx/lib64/python/site-packages/zypp.py", line 1609, in refreshMetadata > def refreshMetadata(*args): return _zypp.RepoManager_refreshMetadata(*args) > RuntimeError: History: > - Signature verification failed for repomd.xml > Valid metadata not found at specified URL(s) > >>> > > Any idea ? What did I miss ? Looking at the zypp code, gpgCheck has no effect ;( I don't see any location that evaluates the value. Signature verification may trigger some callbacks, to ask whether to accept unsigned files, unkown keys, etc. The default to all these questions is 'NO'. You want to say 'YES'. In C++ you'd create a KeyRingReceiver that connects to the callback and answers the questions as needed. But I don't know if the bindings support this: struct KeyRingReceiver : public callback::ReceiveReport { KeyRingReceiver() { connect(); } virtual bool askUserToAcceptUnsignedFile( const std::string & file ) { return true; } virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id ) { return true; } virtual bool askUserToTrustKey( const PublicKey & key ) { return true; } virtual bool askUserToImportKey( const PublicKey & key ) { return true; } virtual bool askUserToAcceptVerificationFailed( const std::string & file, const PublicKey & key ) { return true; } }; Without this you need a valid signature. Do you build libzypp and libzypp-bindings from svn? I can provide some methods in KeyRing to change the default answers. I suppose this is easier for the bindings than dealing with callbacks. -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org