On 09/11/2016 02:59 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Content-ID:
El 2016-09-11 a las 12:54 -0400, Roman Bysh escribió:
Well, of course, the rpms were made with a key that has expired. You either ignore, or download a fresh copy of those rpms.
On the other hand, I think that YaST/zypper is incapable of refreshing an expired key. I don't know if that issue has been solved yet; the roundabout solution is to remove the affected repos and add them again.
I'll download newer rpms and see if it still happens. They should integrate the two pop messages into a single one.
I have a doubt about this.
If you download and store a package, and try to install it some time later, you may get the warning (error?) that the key expired. But at the time the rpm was made, the signature was correct. Same as for an old email.
The message should say that the old package was *correctly* signed with a key now expired. That particular package (email) can not be signed with the currently correct key, ever. It was correctly signed ("sent") long ago.
The warning messages should make the situation clear.
If that is what happens (I don't know), it is not an error, but a bug in the software for not accepting the correct key for an old package, IMHO.
- -- Cheers Carlos E. R.
(from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlfVqaMACgkQja8UbcUWM1zz4gD+NRPcsWPOM3gz+MEOTTDrMHE9 pMeMtt2/4ET3qPKUpQMA/2hMpX7PUTw72S+8SMH6LZhgJ9fyHascJOX567hiUGqN =tBaJ -----END PGP SIGNATURE----- Update
I was just notified to add to /etc/zypp/repos.d/local-repository gpgcheck=off This should disable the integrity check. I couldn't find this anywhere. Good to know. Roman -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org