Bug 125355

Summary: can't upgrade xemacs packages
Product: [Fedora] Fedora Reporter: Dave Rogers <daver>
Component: xemacsAssignee: Jens Petersen <petersen>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 2CC: scop
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-06-06 20:02:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dave Rogers 2004-06-04 23:26:53 UTC 
Description of problem:
When I try to update the package index, list and install or update
installed packages I always get the same error: "Can't check
signature: Public key 82EDF2C1D1DD84CD not found"

Version-Release number of selected component (if applicable): 
[version 21.4.15; April 2004]

How reproducible:
always


Steps to Reproduce:
1. Click Tools > Packages > Update Package Index or List and Install
or Update Installed Packages
2.
3.
  
Actual results:
"Can't check signature: Public key 82EDF2C1D1DD84CD not found"

Expected results:
Get a new package index or a list of packages with the option to
upgrade or an automatice upgrade of all installed packages.

Additional info:

This works fine on FC1 with xemacs version 21.4.14
Comment 1 Jens Petersen 2004-06-06 17:16:47 UTC 
See bug 120437.

Should get fixed in next build.
Comment 2 Jens Petersen 2004-06-06 17:25:15 UTC 
Oops, forgot comment 1 - that patch has already been applied.

Ville, any ideas?
Comment 3 Ville Skyttä 2004-06-06 17:49:22 UTC 
Like the error message says, the problem is that you don't have the
XEmacs package manager's GPG key installed.  So, either:

1) Import the key (0xD1DD84CD) to the GPG keyring of the user you are
updating the packages with (I'd recommend a non-root user, BTW). 
XEmacs should try to do this automatically, but apparently it fails
for you for some reason (no keyserver configured in
~/.gnupg/gpg.conf?).  The key can be found eg. at
http://pgp.mit.edu:11371/pks/lookup?search=0xD1DD84CD&op=index

2) Disable GPG checking by unchecking the
"Options->Advanced->Emacs->Package Tools->Package Get->Require Signed
Base Updates" checkbox, and remember to save the settings.

I've just done a successful package update using a normal user account
and having the GPG key imported with 21.4.15-5.  Most likely there
will be about 20 second delay during "Verifying..." when the GPG sig
is verified, that's a known but a cosmetic problem in (upstream) 21.4.15.

So, I'd say NOTABUG or WORKSFORME... :)
Comment 4 Ville Skyttä 2004-06-06 17:55:08 UTC 
Oh, and of course an easy way to import the key would be for example:

  gpg --keyserver pgp.mit.edu --recv-keys D1DD84CD
Comment 5 Dave Rogers 2004-06-06 19:42:20 UTC 
I tried Ville's suggestion and it works fine for me. So perhaps this
"bug" should be closed and listed as my ignorance of a new feature.
Further proof of why open source and Fedora is the only way to go!
Thanks to all. 

dave
Comment 6 Jens Petersen 2004-06-06 20:02:25 UTC 
Thanks.