Bug 147706

Summary: gpgcheck breaks yum
Product: [Fedora] Fedora Reporter: james
Component: yumAssignee: Jeremy Katz <katzj>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3CC: katzj
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-02-11 05:09:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description james 2005-02-10 18:55:24 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; X11; Linux i686) Opera 
7.54  [en]

Description of problem:
When "gpgcheck=1" is set in the configuration, yum will fail with
"public key not available for <package>".  Furthermore, yum makes NO 
ATTEMPT to obtain the required key or keys.

How are the keys missing after a full Fedora install???
Where is the missing dependency that leaves yum with no keys???
What package contains these "gpgcheck" keys???



Version-Release number of selected component (if applicable):
yum-2.1.13-0.fc3

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.
    

Additional info:

Comment 1 james 2005-02-10 19:04:52 UTC
Actually, yum does make an attempt to download keys after "gpgcheck=1"
is removed.  Isn't that "backwards"?

 Downloading Packages:
 warning: rpmts_HdrFromFdno: V3 DSA signature: NOKEY, key ID 1ac70ce6
 public key not available for gqview-1.4.5-1.i386.rpm
 Retrieving GPG key from
http://fedoraproject.org/extras/RPM-GPG-KEY-Fedora-Extras
 Importing GPG key 0x1AC70CE6 "Fedora Pre Extras Release
<pre-extras>"
 Key imported successfully


Comment 2 Seth Vidal 2005-02-10 19:16:00 UTC
1. Did you remove gpgcheck=1 from the .repo or did you set gpgcheck=0
   - what does your /etc/yum.conf have for gpgcheck? If it has
gpgcheck=1 and your .repo does not have any contents then gpgchecking
is enabled b/c the global in yum.conf is set to 1.


2. the fedora extras keys do not ship with fedora core
3. no keys are imported to the rpmdb during  an anaconda install of the os
4. could you post your .repo file for extras.

Thanks

Comment 3 james 2005-02-11 05:01:01 UTC
I seem to have the .repo files in /etc/yum.repos.d:
 fedora-updates-testing.repo
 fedora-updates.repo
 fedora.repo

They all have gpgcheck=1.  My "extras" is in yum.conf and has
gpgcheck=1.  I commented out the global gpgcheck, but that's going to
be of no consequence here.

Looking at my "extras" entry, my bug report must be just wrong. 
Something failed the first time and worked the second time, and, in
retrospect, wouldn't have anything to do with changing the global
gpgcheck.

 [extras]
 name=Fedora Extras - $releasever - $basearch
 baseurl=http://fedoraproject.org/extras/$releasever/$basearch/
 gpgcheck=1
 gpgkey=http://fedoraproject.org/extras/RPM-GPG-KEY-Fedora-Extras

"extras" is the only repo with gpgkey.  It must have worked.
Probably notabug.  Sorry.


Comment 4 Seth Vidal 2005-02-11 05:09:13 UTC
okie doke.

closing