Bug 131859
Summary: | rpm --import fails on gpg export of key, but not on pgp export. header issue? | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Paul Wouters <paul> | ||||
Component: | rpm | Assignee: | Paul Nasrat <nobody+pnasrat> | ||||
Status: | CLOSED DUPLICATE | QA Contact: | Mike McLean <mikem> | ||||
Severity: | low | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 3 | CC: | nobody+pnasrat, zimon | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-01-30 17:06:12 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Can you attach the file that fails when you are trying to do --import please? Created attachment 103510 [details]
the key that fails to import
the key that fails to import
I have had the similar problems lately. Non new gpg-keys can be imported it seems: Example: # wget http://rpmseek.com/download/ftp://ftp.lip6.fr/pub/linux/distributions/mandrake-devel/cooker/i586/media/main/mpgtx-1.3-3mdk.i586.rpm # rpm -q rpm rpm-4.3.2-21 # rpm --checksig /tmp/mpgtx-1.3-3mdk.i586.rpm /tmp/mpgtx-1.3-3mdk.i586.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#26752624) # gpg --recv-keys 26752624 gpg: key 26752624: public key "MandrakeCooker <cooker>" imported gpg: Total number processed: 1 gpg: imported: 1 # gpg -a --export 26752624 >26752624.asc # rpm --import 26752624.asc # rpm --checksig /tmp/mpgtx-1.3-3mdk.i586.rpm /tmp/mpgtx-1.3-3mdk.i586.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#26752624) # rpm -q gpg-pubkey-* gpg-pubkey-db42a60e-37ea5438 gpg-pubkey-4f2a6fd2-3f9d9d3b gpg-pubkey-6b8d79e6-3f49313d gpg-pubkey-e42d547b-3960bdf1 gpg-pubkey-9b3c94f4-3b0e54e8 gpg-pubkey-9ee149fd-3e65371e gpg-pubkey-9ee149fd-3e65371e gpg-pubkey-70771ff3-3fd755e4 gpg-pubkey-70771ff3-3fd755e4 # cat 26752624.asc -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.6 (GNU/Linux) mQGiBD/XT6oRBADPpYAPClDtKLGSZKmDU3pI9XCrsa+sR3CAJgrscSsffDQFEV7V jgO520G3+qBMG/ArgFHrJyFEWk4dNQsR7zRb8B+/ZFo3IhZKbk3gbjYsTrd05t4z DDYIS/GhWKHyhopK6B9uhcKNbuAqA0fM9jDG2j46wmwtLpIrfLa/1SgQQwCgxF4B dw4YoNhwUM98JTn3/Ojw8TcEAKLxQsGCjLQNl4DTEev7w4BKzx95eCVnQ7r7XXld gVOgAxlywGYDJVQn3Zn9Ad4/+8g2wHXcJxLNHUEIrsdZVqllzdYiQa27TtI3RLF0 9leKZQD1awX6sAZxYgCUlQhCukPc61FP3upyna0gWFO6Jf/iS/PhZ96T00h2Gliw ePGTA/97g61DjVFKTlWUH1Bzz61rwtE3apsCX50W8J76Urisipl4niZC9Ns30uly LUgLhTiCvdejqy9O1ONdH9W0ALwv1ThbRlo5I92rWLCwgUpko38qo1bSNQ7DrCfK egKqiCpUltZ00gyUmAkKQTS9/nI/+lEKYkQJvY6ha5d3PC5SkLQqTWFuZHJha2VD b29rZXIgPGNvb2tlckBsaW51eC1tYW5kcmFrZS5jb20+iEYEExECAAYFAj/XVeQA CgkQ54mK4HB3H/OgQQCdECI6SKQHUuNr5P2teLVkZzRRHtgAn04q+NhEnzdll0Ga 3SjZyV3kkCxtiEYEExECAAYFAj/XV68ACgkQRFk1+HjQGfXYaQCeK932DKZ/k7YN aFpE/RTDTVAE3uwAoKFJgC8DPPZUvF/9//kCG6ZImPKhiEYEExECAAYFAkFJa9AA CgkQZRpWSY1Kclmf1gCfV/YbNHKSj4lsBl5ykSF/SolV8lAAoMpjZJCVKqTilTv2 U6pZDC3HHgQPiF4EExECAB4FAj/XT6oCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AA CgkQ3WhNeiZ1JiRczQCdGbsWsP/kMRVHdl1RKh8SRwpLeVcAoKc6QNmnR5a7FvrB vF1+qeeOe/cXuQENBD/XT6sQBAD5JPDpZ1toBcgDPsutvUfFBPJ0Iwi25p6rExQF ssH7Pc9LVP1w/pXXuenuW9d1WqivU6AhBC7hqgjhyf12WJ/rouM52w+RqqNtcIRK 4gqHqYkuP54TD6bAXERC1eTJu4/XzZPRh5OR9FQSEmLGp7f662EqANPP3zZlE9El 4zu1ywADBQQAvjEq5o0FD0zEoVhfjhsPU/uHBG9JIwOPiWBWJlYnLefWgEU/qqGr q23bfBnHvrfS1nmBLId0j6BBhUhDWk2baP5GPcPb9AKXsqUtTiJGFJaIJtVJ5FQT 0jvHgcgaCRAfGBCe9zBCPzxV+jaEXI269n4VvGRpcK8uFTAwiFnvzmWISQQYEQIA CQUCP9dPqwIbDAAKCRDdaE16JnUmJIZUAKC45vNS3JYh5MPbW0UhOgw69M1sZgCf ZI0GCIVleeEzgIx+eDBjS4zDtDU= =3VJl -----END PGP PUBLIC KEY BLOCK----- # So I am guessing, the two GPG keys which seem somehow to be imported twice are messing the rpm-program. I try to remove the duplicate keys: # rpm -e gpg-pubkey-70771ff3-3fd755e4 error: "gpg-pubkey-70771ff3-3fd755e4" specifies multiple packages # rpm -qi gpg-pubkey-70771ff3-3fd755e4 Name : gpg-pubkey Relocations: (not relocatable) Version : 70771ff3 Vendor: (none) Release : 3fd755e4 Build Date: Sun 03 Apr 2005 06:55:16 PM EEST Install Date: Sun 03 Apr 2005 06:55:16 PM EEST Build Host: localhost Group : Public Keys Source RPM: (none) Size : 0 License: pubkey Signature : (none) Summary : gpg(MandrakeCooker <cooker>) Description : -----BEGIN PGP PUBLIC KEY BLOCK----- Version: rpm-4.3.2 (beecrypt-3.0.0) mQGiBD/XT6oRBADPpYAPClDtKLGSZKmDU3pI9XCrsa+sR3CAJgrscSsffDQFEV7VjgO520G3 +qBMG/ArgFHrJyFEWk4dNQsR7zRb8B+/ZFo3IhZKbk3gbjYsTrd05t4zDDYIS/GhWKHyhopK 6B9uhcKNbuAqA0fM9jDG2j46wmwtLpIrfLa/1SgQQwCgxF4Bdw4YoNhwUM98JTn3/Ojw8TcE AKLxQsGCjLQNl4DTEev7w4BKzx95eCVnQ7r7XXldgVOgAxlywGYDJVQn3Zn9Ad4/+8g2wHXc JxLNHUEIrsdZVqllzdYiQa27TtI3RLF09leKZQD1awX6sAZxYgCUlQhCukPc61FP3upyna0g WFO6Jf/iS/PhZ96T00h2GliwePGTA/97g61DjVFKTlWUH1Bzz61rwtE3apsCX50W8J76Uris ipl4niZC9Ns30ulyLUgLhTiCvdejqy9O1ONdH9W0ALwv1ThbRlo5I92rWLCwgUpko38qo1bS NQ7DrCfKegKqiCpUltZ00gyUmAkKQTS9/nI/+lEKYkQJvY6ha5d3PC5SkLQqTWFuZHJha2VD b29rZXIgPGNvb2tlckBsaW51eC1tYW5kcmFrZS5jb20+iEYEExECAAYFAj/XVeQACgkQ54mK 4HB3H/OgQQCdECI6SKQHUuNr5P2teLVkZzRRHtgAn04q+NhEnzdll0Ga3SjZyV3kkCxtiEYE ExECAAYFAj/XV68ACgkQRFk1+HjQGfXYaQCeK932DKZ/k7YNaFpE/RTDTVAE3uwAoKFJgC8D PPZUvF/9//kCG6ZImPKhiEYEExECAAYFAkFJa9AACgkQZRpWSY1Kclmf1gCfV/YbNHKSj4ls Bl5ykSF/SolV8lAAoMpjZJCVKqTilTv2U6pZDC3HHgQPiF4EExECAB4FAj/XT6oCGwMGCwkI BwMCAxUCAwMWAgECHgECF4AACgkQ3WhNeiZ1JiRczQCdGbsWsP/kMRVHdl1RKh8SRwpLeVcA oKc6QNmnR5a7FvrBvF1+qeeOe/cXuQENBD/XT6sQBAD5JPDpZ1toBcgDPsutvUfFBPJ0Iwi2 5p6rExQFssH7Pc9LVP1w/pXXuenuW9d1WqivU6AhBC7hqgjhyf12WJ/rouM52w+RqqNtcIRK 4gqHqYkuP54TD6bAXERC1eTJu4/XzZPRh5OR9FQSEmLGp7f662EqANPP3zZlE9El4zu1ywAD BQQAvjEq5o0FD0zEoVhfjhsPU/uHBG9JIwOPiWBWJlYnLefWgEU/qqGrq23bfBnHvrfS1nmB LId0j6BBhUhDWk2baP5GPcPb9AKXsqUtTiJGFJaIJtVJ5FQT0jvHgcgaCRAfGBCe9zBCPzxV +jaEXI269n4VvGRpcK8uFTAwiFnvzmWISQQYEQIACQUCP9dPqwIbDAAKCRDdaE16JnUmJIZU AKC45vNS3JYh5MPbW0UhOgw69M1sZgCfZI0GCIVleeEzgIx+eDBjS4zDtDU= =3VJl -----END PGP PUBLIC KEY BLOCK----- Name : gpg-pubkey Relocations: (not relocatable) Version : 70771ff3 Vendor: (none) Release : 3fd755e4 Build Date: Sun 03 Apr 2005 06:59:46 PM EEST Install Date: Sun 03 Apr 2005 06:59:46 PM EEST Build Host: localhost Group : Public Keys Source RPM: (none) Size : 0 License: pubkey Signature : (none) Summary : gpg(MandrakeCooker <cooker>) Description : -----BEGIN PGP PUBLIC KEY BLOCK----- Version: rpm-4.3.2 (beecrypt-3.0.0) mQGiBD/XT6oRBADPpYAPClDtKLGSZKmDU3pI9XCrsa+sR3CAJgrscSsffDQFEV7VjgO520G3 +qBMG/ArgFHrJyFEWk4dNQsR7zRb8B+/ZFo3IhZKbk3gbjYsTrd05t4zDDYIS/GhWKHyhopK 6B9uhcKNbuAqA0fM9jDG2j46wmwtLpIrfLa/1SgQQwCgxF4Bdw4YoNhwUM98JTn3/Ojw8TcE AKLxQsGCjLQNl4DTEev7w4BKzx95eCVnQ7r7XXldgVOgAxlywGYDJVQn3Zn9Ad4/+8g2wHXc JxLNHUEIrsdZVqllzdYiQa27TtI3RLF09leKZQD1awX6sAZxYgCUlQhCukPc61FP3upyna0g WFO6Jf/iS/PhZ96T00h2GliwePGTA/97g61DjVFKTlWUH1Bzz61rwtE3apsCX50W8J76Uris ipl4niZC9Ns30ulyLUgLhTiCvdejqy9O1ONdH9W0ALwv1ThbRlo5I92rWLCwgUpko38qo1bS NQ7DrCfKegKqiCpUltZ00gyUmAkKQTS9/nI/+lEKYkQJvY6ha5d3PC5SkLQqTWFuZHJha2VD b29rZXIgPGNvb2tlckBsaW51eC1tYW5kcmFrZS5jb20+iEYEExECAAYFAj/XVeQACgkQ54mK 4HB3H/OgQQCdECI6SKQHUuNr5P2teLVkZzRRHtgAn04q+NhEnzdll0Ga3SjZyV3kkCxtiEYE ExECAAYFAj/XV68ACgkQRFk1+HjQGfXYaQCeK932DKZ/k7YNaFpE/RTDTVAE3uwAoKFJgC8D PPZUvF/9//kCG6ZImPKhiEYEExECAAYFAkFJa9AACgkQZRpWSY1Kclmf1gCfV/YbNHKSj4ls Bl5ykSF/SolV8lAAoMpjZJCVKqTilTv2U6pZDC3HHgQPiF4EExECAB4FAj/XT6oCGwMGCwkI BwMCAxUCAwMWAgECHgECF4AACgkQ3WhNeiZ1JiRczQCdGbsWsP/kMRVHdl1RKh8SRwpLeVcA oKc6QNmnR5a7FvrBvF1+qeeOe/cXuQENBD/XT6sQBAD5JPDpZ1toBcgDPsutvUfFBPJ0Iwi2 5p6rExQFssH7Pc9LVP1w/pXXuenuW9d1WqivU6AhBC7hqgjhyf12WJ/rouM52w+RqqNtcIRK 4gqHqYkuP54TD6bAXERC1eTJu4/XzZPRh5OR9FQSEmLGp7f662EqANPP3zZlE9El4zu1ywAD BQQAvjEq5o0FD0zEoVhfjhsPU/uHBG9JIwOPiWBWJlYnLefWgEU/qqGrq23bfBnHvrfS1nmB LId0j6BBhUhDWk2baP5GPcPb9AKXsqUtTiJGFJaIJtVJ5FQT0jvHgcgaCRAfGBCe9zBCPzxV +jaEXI269n4VvGRpcK8uFTAwiFnvzmWISQQYEQIACQUCP9dPqwIbDAAKCRDdaE16JnUmJIZU AKC45vNS3JYh5MPbW0UhOgw69M1sZgCfZI0GCIVleeEzgIx+eDBjS4zDtDU= =3VJl -----END PGP PUBLIC KEY BLOCK----- How one can delete the duplicate keys from the rpm database? And how in the first place rpm allows to import some same key twice? I did RTFM and did: # rpm -e --allmatches gpg-pubkey-70771ff3-3fd755e4 # rpm -e --allmatches gpg-pubkey-9ee149fd-3e65371e Got rid of those duplicate keys, re-installed Mandrake key, but still the key do not match. Is there a bug, misuse (in my part), or key hash collision? # rpm --import -v -v 26752624.asc D: opening db environment /var/lib/rpm/Packages joinenv D: opening db index /var/lib/rpm/Packages create mode=0x42 D: locked db index /var/lib/rpm/Packages D: opening db index /var/lib/rpm/Name create mode=0x42 D: adding "gpg-pubkey" to Name index. D: opening db index /var/lib/rpm/Group create mode=0x42 D: adding "Public Keys" to Group index. D: opening db index /var/lib/rpm/Providename create mode=0x42 D: adding 2 entries to Providename index. D: opening db index /var/lib/rpm/Provideversion create mode=0x42 D: adding 2 entries to Provideversion index. D: opening db index /var/lib/rpm/Installtid create mode=0x42 D: adding 1 entries to Installtid index. D: opening db index /var/lib/rpm/Pubkeys create mode=0x42 D: adding 1 entries to Pubkeys index. D: closed db index /var/lib/rpm/Pubkeys D: closed db index /var/lib/rpm/Installtid D: closed db index /var/lib/rpm/Provideversion D: closed db index /var/lib/rpm/Providename D: closed db index /var/lib/rpm/Group D: closed db index /var/lib/rpm/Name D: closed db index /var/lib/rpm/Packages D: closed db environment /var/lib/rpm/Packages # rpm -q gpg-pubkey-* gpg-pubkey-db42a60e-37ea5438 gpg-pubkey-4f2a6fd2-3f9d9d3b gpg-pubkey-6b8d79e6-3f49313d gpg-pubkey-e42d547b-3960bdf1 gpg-pubkey-9b3c94f4-3b0e54e8 gpg-pubkey-70771ff3-3fd755e4 # rpm --checksig /tmp/mpgtx-1.3-3mdk.i586.rpm /tmp/mpgtx-1.3-3mdk.i586.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#26752624) # gpg --list-keys 26752624 pub 1024D/26752624 2003-12-10 MandrakeCooker <cooker> sub 1024g/E5CC3CAA 2003-12-10 |
Description of problem: When trying to add a public key using rpm --import with a gpg exported failed, while gpg --import and pgpk -a worked fine. importing the same key that has first been imported and export with pgpk -xa using rpm --import worked fine. # rpm --import build.key error: build.key: import read failed. # $ pgpk -a build.key.asc Adding keys: Key ring: 'build.key.asc' Type Bits KeyID Created Expires Algorithm Use pub 2048 0x6D35162F 2003-12-09 ---------- RSA Sign & Encrypt uid Openswan Master Signing Key <build> 1 matching key found Add these keys to your keyring? [Y/n] Keys added successfully. $ pgpk -xa build > out # rpm --import out # Additional info: The diff between the two keyfile formats show only the header is different: diff other.key.asc build.key.asc 2,3c2,3 < Version: PGPfreeware 5.0i for non-commercial use < --- > Version: GnuPG v1.2.3 (GNU/Linux) >