On 31/05/2021 09.54, Roger Oberholtzer wrote:

If I download a package from Packman and install it directly, I get this warning:

libvo-amrwbenc0-0.1.3-pm151.1.4.x86_64 (Plain RPM files cache): Signature verification failed [4-Signatures public key is not available]

Of course if I add the repository this is all managed. But if I want to just install the RPM direct, is there a package with the certificates that I can install so this message is not given?

Now, this is an interesting question. I just looked at man zypper, and did not find a way to export gpg keys, with the intention to import them again on rpm command. There is "/var/cache/zypp/pubkeys/", but it is empty. Of course, if you know the identifier of a key and it is published, you could download it from the gpg servers. rpm has the command "rpmkeys" to handle keys. --import and --checksig, that's all. display imported keys: rpm -qa gpg-pubkey* But it does not say who each key belongs to. Ah, "rpm -qi key", with a key obtained in the previous command, gives info on the key and displays the key block itself. And "rpm -qf key" tries to print where the key is saved: Telcontar:/var/cache/zypp # rpm -qf gpg-pubkey-eefefde9-58999f26 error: file /var/cache/zypp/gpg-pubkey-eefefde9-58999f26: No such file or directory Telcontar:/var/cache/zypp # Telcontar:/var/cache/zypp # ls /var/cache/zypp/gpg-pubkey* ls: cannot access '/var/cache/zypp/gpg-pubkey*': No such file or directory cer@Telcontar:~> zypper search --installed-only gpg-pubkey* Loading repository data... Reading installed packages... No matching items found. cer@Telcontar:~> There is "openSUSE-build-key" package, though (Summary: The public gpg keys for rpm package signature verification). It contains: /usr/lib/rpm/gnupg /usr/lib/rpm/gnupg/dumpsigs /usr/lib/rpm/gnupg/keys /usr/lib/rpm/gnupg/keys/gpg-pubkey-307e3d54-5aaa90a5.asc /usr/lib/rpm/gnupg/keys/gpg-pubkey-39db7c82-5847eb1f.asc /usr/lib/rpm/gnupg/keys/gpg-pubkey-3dbdc284-53674dd4.asc /usr/share/doc/packages/openSUSE-build-key /usr/share/doc/packages/openSUSE-build-key/security_at_suse_de.asc /usr/share/doc/packages/openSUSE-build-key/security_at_suse_de_old.asc So, /usr/lib/rpm/gnupg/keys contains keys, Three keys in my case. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)

Am Mon, 31 May 2021 09:54:40 +0200 schrieb Roger Oberholtzer :

Of course if I add the repository this is all managed. But if I want to just install the RPM direct, is there a package with the certificates that I can install so this message is not given?

# curl -RLO http://ftp.fau.de/packman/suse/openSUSE_Leap_15.1/repodata/repomd.xml.key # gpg --show-key repomd.xml.key # rpm --import repomd.xml.key Olaf

Stored in: /var/cache/raw/REPOALIAS/repodata Stephan Am Dienstag, 1. Juni 2021, 10:12:48 CEST schrieb Roger Oberholtzer:

On Mon, May 31, 2021 at 11:02 PM Olaf Hering wrote:

...

Am Mon, 31 May 2021 09:54:40 +0200 schrieb Roger Oberholtzer :

...

Of course if I add the repository this is all managed. But if I want to just install the RPM direct, is there a package with the certificates that I can install so this message is not given?

# curl -RLO http://ftp.fau.de/packman/suse/openSUSE_Leap_15.1/repodata/repomd.xml.key # gpg --show-key repomd.xml.key # rpm --import repomd.xml.key

I think it worked. The gpg command, which I guess is just checking the key file, seems to have a slightly different syntax. It listed the following (but still seemed to accept the file contents):

# gpg --show-key repomd.xml.key gpg: WARNING: "--show-keyring" is a deprecated option gpg: please use "--list-options show-keyring" instead gpg: WARNING: no command supplied. Trying to guess what you mean ... pub rsa4096 2006-09-18 [SC] [expires: 2024-09-12] F8875B880D518B6B8C530D1345A1D0671ABD1AFB uid PackMan Project (signing key)

I tried the suggested --list-options show-keyring, but then I got:

# gpg --list-options show-keyring repomd.xml.key gpg WARNING: no command supplied. Trying to guess what you mean ... pub rsa4096 2006-09-18 [SC] [expires: 2024-09-12] F8875B880D518B6B8C530D1345A1D0671ABD1AFB uid PackMan Project (signing key)

I'm not so familiar with the gpg command.

...

Olaf

* Carlos E. R. [06-01-21 20:05]:

On 01/06/2021 19.27, Stephan Hemeier wrote:

...

Stored in: /var/cache/raw/REPOALIAS/repodata Stephan

I don't have that directory.

well, you actually do but the address is somewhat odd, look at: /var/cache/zypp/raw/<repo><name>/repodata -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode