[Bug 1088037] New: gpgkey= entry ignored for rpm-md repositories
http://bugzilla.suse.com/show_bug.cgi?id=1088037

Bug ID: 1088037
Summary: gpgkey= entry ignored for rpm-md repositories
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.3
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: libzypp
Assignee: zypp-maintainers@forge.provo.novell.com
Reporter: ma@suse.com
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

Via mail to zypp-devel:
My rpm-md style repository contains *both* repository metadata GPG signatures (i.e. repomd.xml.asc) and RPM packages which have GPG signatures, created via rpm --addsign.
On a YUM-based system (e.g., CentOS 7), I simply need to list all the necessary URLs for both repository GPG and package signing public keys with gpgkey=. When I update the metadata (via yum makecache) all listed keys are automatically imported to the correct place; package signing keys into rpm db and the repository signing key into the YUM keyring.
On OpenSUSE 42.3 with zypper 1.13.40 and libzypp 16.17.10, I have noticed that none of the URLs specified with gpgkey= seem to be imported even after I run zypper --gpg-auto-import-keys refresh reponame. I have verified this by running rpm -qa | grep gpg-pubkey and saw that the keys specified in the repository configuration file were not imported to RPM DB. It seems that the only way to import a package signing key on OpenSUSE 42.3 for an rpm-md style repository is to run rpm --import file.key.
-- You are receiving this mail because: You are on the CC list for the bug.
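The check the report does by hand (`rpm -qa | grep gpg-pubkey`) can be tied to specific key files; the following is an added example, not part of the bug report or of libzypp. It assumes version 4 OpenPGP keys, that rpm names an imported key `gpg-pubkey-<last 8 hex digits of the key ID>-<release>`, and that the key text behind each `gpgkey=` URL has already been fetched; the URL and key material are constructed.

```python
import base64, hashlib, re

def first_packet_body(armored):
    """Dearmor an ASCII-armored key block; return the body of its first packet."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    start = lines.index("") + 1                  # armor headers end at a blank line
    data = base64.b64decode("".join(
        l for l in lines[start:] if not l.startswith(("=", "-----"))))
    if data[0] & 0x40:                           # new-format packet header
        tag, first = data[0] & 0x3F, data[1]
        if first < 192:
            hdr, length = 2, first
        elif first < 224:
            hdr, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            hdr, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body length is not valid for a key packet")
    else:                                        # old-format packet header
        tag, nlen = (data[0] >> 2) & 0x0F, 1 << (data[0] & 3)
        if nlen == 8:
            raise ValueError("indeterminate packet length")
        hdr, length = 1 + nlen, int.from_bytes(data[1:1 + nlen], "big")
    if tag != 6:
        raise ValueError("first packet is not a public key packet")
    return data[hdr:hdr + length]

def rpm_key_version(armored):
    """Last 8 hex digits of the v4 key ID: the XXXXXXXX in gpg-pubkey-XXXXXXXX-*."""
    body = first_packet_body(armored)
    if body[0] != 4:
        raise ValueError("only version 4 keys are handled here")
    fpr = hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest()
    return fpr[-8:]

def missing_from_rpmdb(keys, rpm_output):
    """keys: {gpgkey URL: armored text}; rpm_output: `rpm -qa | grep gpg-pubkey`."""
    installed = set(re.findall(r"^gpg-pubkey-([0-9a-f]{8})-", rpm_output, re.M))
    return [url for url, text in keys.items() if rpm_key_version(text) not in installed]

# Constructed sample: a syntactically valid v4 RSA key packet body, not a usable key.
SAMPLE_BODY = b"\x04\x5a\xc4\xe0\x00\x01" + b"\x00\x10\xc3\x55" + b"\x00\x11\x01\x00\x01"
def armor(packet):                               # armor without the optional CRC line
    return ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.b64encode(packet).decode()
            + "\n-----END PGP PUBLIC KEY BLOCK-----\n")

if __name__ == "__main__":
    key = armor(b"\x99" + len(SAMPLE_BODY).to_bytes(2, "big") + SAMPLE_BODY)
    urls = {"https://repo.example/repodata/repomd.xml.key": key}   # hypothetical URL
    print(missing_from_rpmdb(urls, "gpg-pubkey-00000000-00000000\n"))
```

Any URL it returns is a `gpgkey=` entry whose key is not in the RPM DB, which is the condition the report describes after `zypper --gpg-auto-import-keys refresh`.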
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c2
Benjamin Zeller
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c3
Benjamin Zeller
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c4
Michael Andres
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c5
--- Comment #5 from Michael Andres
repodata/repomd.xml      # master index file
        /repomd.xml.asc  # detached signature
        /repomd.xml.key  # ascii armored key used for signing
Putting its URL in the repo's `gpgkey=` entry does not seem to work.
Sarah Kriesch
Jannik Main
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c8
--- Comment #8 from Benjamin Zeller
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c9
Michael Andres
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c11
--- Comment #11 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1088037#c12
--- Comment #12 from Swamp Workflow Management