-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El 2006-03-02 a las 08:38 -0000, Administrator escribió:
You forgot to email to the list.
Corrected.
Somehow, this one did not make to the list, unknown reason. Anyway, I'll email to list with private copy to you, so that others can contribute.
Suffice to say that I have 2 sig keys missing, IDs 8750d2c4 and 2e80fbc2. I can't find rpmkey rpms for them. I have found the keys and downloaded them. They load into Kgpg on the SuSE box without complaint. RPM ignores them after import - key IDs not listed in 'rpm -qa gpg-pubkey*'. Errors continue. Can't do apt dist-upgrade without turning off sig checking. Bad. :-{
Suposedly, you have to import them with:
rpm --import public-key-file.asc
as root. I don't think Kgpg will inport them to the proper place
I tried rpm --import. It didn't have any noticeable effect, nor did it produce any errors. I don't know what to try next ...
Then, the only thing you can try is (according to the man page): rpm -qa gpg-pubkey* that should list all signatures available - it seems that all of them are of that pattern and get listed that way, there doen't seem to be a specific command to list only signatures regardless of pattern. Funny. Then, rpm -qi gpg-pubkey-db42a60e would give details about that key. With: rpm --checksig package.rpm you check all digests signatures contained in package.rpm. Finally, you can try to remove the signature, in case it is badly imported: rpm -e gpg-pubkey-db42a60e More than that, I simply do not know. I assume you have updated your system recently with YOU, there has been a patch correcting a "nasty" bug (IMHO) related to signature checking of rpms. Broken database perhaps? Try --rebuilddb then... - -- Saludos Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEBsqatTMYHG2NR9URArF/AJ9nMG6ISku/BiHEzFynZsZ7WlJ45gCeLD6X +bW2+9sLIr+OWzCTO+2BltI= =5ZNA -----END PGP SIGNATURE-----
Suffice to say that I have 2 sig keys missing, IDs 8750d2c4 and 2e80fbc2. I can't find rpmkey rpms for them. I have found the keys and downloaded them. They load into Kgpg on the SuSE box without complaint. RPM ignores them after import - key IDs not listed in 'rpm -qa gpg-pubkey*'.
RPM can't deal with all types of signatures on a key. At the moment I'm not quite sure which type causes the problem, but I think it were "v2" signatures. You must remove all rpm-incompatible signatures from a key before the rpm import will be successful. HTH, Michel
On Thursday 02 March 2006 11:57, Michel Messerschmidt wrote:
Suffice to say that I have 2 sig keys missing, IDs 8750d2c4 and 2e80fbc2. I can't find rpmkey rpms for them. I have found the keys and downloaded them. They load into Kgpg on the SuSE box without complaint. RPM ignores them after import - key IDs not listed in 'rpm -qa gpg-pubkey*'.
RPM can't deal with all types of signatures on a key. At the moment I'm not quite sure which type causes the problem, but I think it were "v2" signatures. You must remove all rpm-incompatible signatures from a key before the rpm import will be successful.
I think this means that some of the rpms fetched by apt4suse have signatures which can't be checked ... and they're signed by the "suse.de" team! Is there any way round this without turning off signature checking? Thanks David
Many thanks Carlos,
Suffice to say that I have 2 sig keys missing, IDs 8750d2c4 and 2e80fbc2. I can't find rpmkey rpms for them. I have found the keys and downloaded them. They load into Kgpg on the SuSE box without complaint. RPM ignores them after import - key IDs not listed in 'rpm -qa gpg-pubkey*'. Errors continue. Can't do apt dist-upgrade without turning off sig checking. Bad. :-{
Suposedly, you have to import them with:
rpm --import public-key-file.asc
as root. I don't think Kgpg will inport them to the proper place
I tried rpm --import. It didn't have any noticeable effect, nor did it produce any errors. I don't know what to try next ...
Then, the only thing you can try is (according to the man page):
rpm -qa gpg-pubkey*
I used this to confirm whether the keys had been imported. They hadn't. Other keys which had been retrieved by a similar method had been imported, though.
participants (3)
-
Administrator -
Carlos E. R. -
Michel Messerschmidt