Bug 2188684
| Summary: | contains expired RPM-GPG-KEY-openSUSE-Backports key | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Brian J. Murrell <brian.murrell> |
| Component: | distribution-gpg-keys | Assignee: | Miroslav Suchý <msuchy> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 38 | CC: | copr-team, msuchy |
| Target Milestone: | --- | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | distribution-gpg-keys-1.87-1.fc38 distribution-gpg-keys-1.87-1.fc37 distribution-gpg-keys-1.87-1.el7 distribution-gpg-keys-1.87-1.el8 distribution-gpg-keys-1.87-1.el9 distribution-gpg-keys-1.87-1.fc36 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-04-24 18:32:03 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This problem gets more interesting. The same version of mock (3.5) on F37 and F38 behave differently with this expired key. On F37: Importing GPG key 0x65176565: Userid : "openSUSE:Backports OBS Project <openSUSE:Backports.org>" Fingerprint: 637B 32FF 3D83 F07A 7AE1 C40A 9C21 4D40 6517 6565 From : /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports Key imported successfully but on F38: Importing GPG key 0x65176565: Userid : "openSUSE:Backports OBS Project <openSUSE:Backports.org>" Fingerprint: 637B 32FF 3D83 F07A 7AE1 C40A 9C21 4D40 6517 6565 From : /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports error: Certificate 9C214D4065176565: The certificate is expired: The primary key is not live Did something change in F38 with regard to importing expired keys? Did Fedora, prior to 38 not check if a key was expired when it imported it but 38 has started validating the expiry of the key? Is it perhaps the switch to Sequoia crypto (https://fedoraproject.org/wiki/Changes/RpmSequoia)? Several issues here: > On F37 > From : /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports >Key imported successfully This is a problem. Cc @jmracek And I guess that - yes - this is related to rpmSequoia change. Not sure if DNF team will want on fix in F37 when it works correctly in F38. > the problem is actually the expired key being included in distribution-gpg-keys I do NOT see this as a problem. This **is** the key that SUSE uses for backports. Even today, it is here: http://download.opensuse.org/repositories/openSUSE:/Backports:/SLE-15-SP3:/Update/standard/ If you want to get this addressed, you have to contact SUSE. And I do not see a problem that the file is expired. I guarantee that the content of the file is unchanged. But you still have to check if the key is not expired. Or revoked. Is all of the content and status change in comment#2 before or after the comment/realization in https://github.com/xsuchy/distribution-gpg-keys/issues/91#issuecomment-1521382875 upstream? If before, should this ticket be re-evaluated @msuchy? FEDORA-EPEL-2023-b5c6bb26d7 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b5c6bb26d7 FEDORA-2023-aceb7fc54a has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-aceb7fc54a FEDORA-EPEL-2023-b1ae265e04 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b1ae265e04 FEDORA-EPEL-2023-2b24d13a34 has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2b24d13a34 FEDORA-2023-d43304bab0 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-d43304bab0 FEDORA-2023-d43304bab0 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-d43304bab0` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-d43304bab0 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-315f8a5ff1 has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-315f8a5ff1` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-315f8a5ff1 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-aceb7fc54a has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-aceb7fc54a` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-aceb7fc54a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2023-2b24d13a34 has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2b24d13a34 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2023-b1ae265e04 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b1ae265e04 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2023-b5c6bb26d7 has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b5c6bb26d7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-aceb7fc54a has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2023-d43304bab0 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2023-b1ae265e04 has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2023-b5c6bb26d7 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2023-2b24d13a34 has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2023-315f8a5ff1 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report. |
RPM-GPG-KEY-openSUSE-Backports appears to be expired. # cat /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (GNU/Linux) mQENBFVoS3UBCAC2SATmg4+9L7G0FVrtWC34ltD+FUeaBbqcEn9mlFTJRSNcGdRd 0/lXOmTTIq0j7yxPXebyrEmMEDJ6wSdvH8seeO41iYe8dim0/qdlan7tRTkYiQVH uMzwvyhF2wRgN0/GM+4/ELYV7+YMrHn1Ty5l0N6g4mTpe0OM5xCf0j3H/pAG40cv y6+hMcmHTvEHrbH4+fJZxbPkV18BGCEWFAZlS5e+1M6STm4+FXKSX26oeYL/ZkT7 FkQGEyLMIqBSYMVV+ooidONy1Ct0WsgwKk+c0myZ2ZWgUoE1FhUeZgWXD3t3eJbV 6L1dMX3o51NX8nb6YcV3GYXObjjvIgFVnnnNABEBAAG0Rm9wZW5TVVNFOkJhY2tw b3J0cyBPQlMgUHJvamVjdCA8b3BlblNVU0U6QmFja3BvcnRzQGJ1aWxkLm9wZW5z dXNlLm9yZz6JAT4EEwECACgFAl2Uo4ECGwMFCQxLCAwGCwkIBwMCBhUIAgkKCwQW AgMBAh4BAheAAAoJEJwhTUBlF2Vl48QH/39wmpkDh8c6g6QdkACrf503VgLrLS/1 tHlp8decgeN3qoDiCBCek1HqfzTFQSStcWm7KanKIW5fBFSp6Lkqb32yBsibW4Kk R6x76zqbvmd4YfM6b1qMIzpACghgke8zKePdPpp0JXOU8duIaqf5eQNw91RMhsBZ alDy7MaSitOH/XzNiZW+V9lZnrma0ySqVJLqIPpB0s7U5YIblPpLl0qxi0VqqTRS 6WZkjopvT3RKk8X/N4xAhxcQW07KOKkqmfPliKazTVPzPL542pnTH2yF9Wpv8bhQ FyzFthGE9Ri8tVm0r6UOElR0Bg7zA6A0NPUWKmgY37YCRpfz3DDE8GyIRgQTEQIA BgUCVWhLdgAKCRA7MBG3a51lI3xLAKCqjianm4ZKLCxspXHKvPI1UKlfGwCfXj6l bd2KrM801FeRkNevZOyNdxM= =BFUp -----END PGP PUBLIC KEY BLOCK----- # gpg /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports gpg: directory '/root/.gnupg' created gpg: keybox '/root/.gnupg/pubring.kbx' created gpg: WARNING: no command supplied. Trying to guess what you mean ... pub rsa2048 2015-05-29 [SC] [expired: 2021-12-10] 637B32FF3D83F07A7AE1C40A9C214D4065176565 uid openSUSE:Backports OBS Project <openSUSE:Backports.org> The updated key appears to be: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (GNU/Linux) mQENBFVoS3UBCAC2SATmg4+9L7G0FVrtWC34ltD+FUeaBbqcEn9mlFTJRSNcGdRd 0/lXOmTTIq0j7yxPXebyrEmMEDJ6wSdvH8seeO41iYe8dim0/qdlan7tRTkYiQVH uMzwvyhF2wRgN0/GM+4/ELYV7+YMrHn1Ty5l0N6g4mTpe0OM5xCf0j3H/pAG40cv y6+hMcmHTvEHrbH4+fJZxbPkV18BGCEWFAZlS5e+1M6STm4+FXKSX26oeYL/ZkT7 FkQGEyLMIqBSYMVV+ooidONy1Ct0WsgwKk+c0myZ2ZWgUoE1FhUeZgWXD3t3eJbV 6L1dMX3o51NX8nb6YcV3GYXObjjvIgFVnnnNABEBAAG0Rm9wZW5TVVNFOkJhY2tw b3J0cyBPQlMgUHJvamVjdCA8b3BlblNVU0U6QmFja3BvcnRzQGJ1aWxkLm9wZW5z dXNlLm9yZz6JAT4EEwECACgFAmGg7o8CGwMFCRBXUxoGCwkIBwMCBhUIAgkKCwQW AgMBAh4BAheAAAoJEJwhTUBlF2VlB14H/3XlaiL/2FwRRkrh9VIiBk90pz50C4DJ BitxFzJX5rDFKkzijizqxeIn+5kjgCsvtsCgfXWC1zY1nAeJn0/KRbIcyNskpZ2c +mHg9931z7zztwX5N7TcgPOCyhGGgrPs8I3K4t3qyECT0OnG5wVYuENzJBHi9POI IkGcrjTSxgi1M3HMbcGXQsNc+W08M8HIMS3rnEh6QSCIC8c9hjos22k1W52WdxrK //qj9+08hn2O3R+UBKqrMokGR1oFwYPXVqte5oSw1JZ9+j8/jm+b3jG2j3o3eAIr uGOZrgQnImXZxcWfZaplFmdcXT8f5mBuJ5VzlVZxvxJ+lVzaFZLNJwOIRgQTEQIA BgUCVWhLdgAKCRA7MBG3a51lI3xLAKCqjianm4ZKLCxspXHKvPI1UKlfGwCfXj6l bd2KrM801FeRkNevZOyNdxM= =9UDk -----END PGP PUBLIC KEY BLOCK----- which gpg shows to be: pub rsa2048 2015-05-29 [SC] [expires: 2024-02-04] 637B32FF3D83F07A7AE1C40A9C214D4065176565 uid openSUSE:Backports OBS Project <openSUSE:Backports.org> This is causing mock to fail: $ mock -r opensuse-leap-15.4-x86_64 --shell id INFO: mock.py version 3.5 starting (python version = 3.11.2, NVR = mock-3.5-2.fc38)... Start(bootstrap): init plugins INFO: selinux disabled Finish(bootstrap): init plugins Start: init plugins INFO: selinux disabled Finish: init plugins INFO: Signal handler active Start: run Start(bootstrap): chroot init INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata INFO: enabled HW Info plugin Start(bootstrap): dnf install No matches found for the following disable plugin patterns: local, spacewalk, versionlock openSUSE Leap 15.4 - x86_64 - OSS 3.7 MB/s | 87 MB 00:23 openSUSE Leap 15.4 - x86_64 - OSS - Updates 379 kB/s | 757 kB 00:01 openSUSE Leap 15.4 - x86_64 - Updates from SUSE Linux Enterprise 3.8 MB/s | 147 MB 00:38 openSUSE Leap 15.4 - x86_64 - Updates from Backports for SUSE Linux Enterprise 946 kB/s | 2.4 MB 00:02 Last metadata expiration check: 0:00:01 ago on Fri Apr 21 15:32:09 2023. Dependencies resolved. ============================================================================================================================================================================================ Package Architecture Version Repository Size ============================================================================================================================================================================================ Installing: dnf noarch 4.10.0-bp154.2.65 opensuse-leap-oss 76 k dnf-plugins-core noarch 4.0.24-bp154.1.27 opensuse-leap-oss 46 k Installing dependencies: bash x86_64 4.4-150400.25.22 opensuse-leap-oss 522 k bash-sh x86_64 4.4-150400.25.22 opensuse-leap-oss 32 k coreutils x86_64 8.32-150400.7.5 opensuse-leap-oss 1.0 M cracklib x86_64 2.9.7-11.6.1 opensuse-leap-oss 58 k cracklib-dict-full x86_64 2.8.12-1.22 opensuse-leap-oss 3.1 M dbus-1 x86_64 1.12.2-150400.18.5.1 opensuse-leap-sle-update 249 k deltarpm x86_64 3.6.1-3.19 opensuse-leap-oss 212 k diffutils x86_64 3.6-4.3.1 opensuse-leap-oss 184 k dnf-data noarch 4.10.0-bp154.2.65 opensuse-leap-oss 58 k file-magic noarch 5.32-7.14.1 opensuse-leap-oss 398 k filesystem x86_64 15.0-11.8.1 opensuse-leap-oss 64 k fillup x86_64 1.42-2.18 opensuse-leap-oss 25 k gio-branding-SLE noarch 15-150400.27.2.1 opensuse-leap-sle-update 18 k girepository-1_0 x86_64 1.70.0-150400.2.10 opensuse-leap-oss 181 k glib2-tools x86_64 2.70.5-150400.3.3.1 opensuse-leap-sle-update 201 k glibc x86_64 2.31-150300.46.1 opensuse-leap-sle-update 1.7 M gpg2 x86_64 2.2.27-150300.3.5.1 opensuse-leap-sle-update 1.9 M grep x86_64 3.1-150000.4.6.1 opensuse-leap-sle-update 308 k info x86_64 6.5-4.17 opensuse-leap-oss 173 k krb5 x86_64 1.19.2-150400.3.3.1 opensuse-leap-sle-update 633 k libacl1 x86_64 2.2.52-4.3.1 opensuse-leap-oss 27 k libassuan0 x86_64 2.5.5-150000.4.3.1 opensuse-leap-sle-update 70 k libattr1 x86_64 2.4.47-2.19 opensuse-leap-oss 26 k libaudit1 x86_64 3.0.6-150400.2.13 opensuse-leap-oss 59 k libblkid1 x86_64 2.37.2-150400.8.14.1 opensuse-leap-sle-update 179 k libbrotlicommon1 x86_64 1.0.7-3.3.1 opensuse-leap-oss 65 k libbrotlidec1 x86_64 1.0.7-3.3.1 opensuse-leap-oss 30 k libbz2-1 x86_64 1.0.8-150400.1.122 opensuse-leap-oss 59 k libcap-ng0 x86_64 0.7.9-4.37 opensuse-leap-oss 26 k libcap2 x86_64 2.63-150400.1.7 opensuse-leap-oss 40 k libcom_err2 x86_64 1.46.4-150400.3.3.1 opensuse-leap-sle-update 40 k libcomps0 x86_64 0.1.18-bp154.1.62 opensuse-leap-oss 70 k libcrack2 x86_64 2.9.7-11.6.1 opensuse-leap-oss 21 k libcrypt1 x86_64 4.4.15-150300.4.4.3 opensuse-leap-sle-update 105 k libcurl4 x86_64 7.79.1-150400.5.18.1 opensuse-leap-sle-update 419 k libdbus-1-3 x86_64 1.12.2-150400.18.5.1 opensuse-leap-sle-update 151 k libdnf2 x86_64 0.65.0-150400.2.6 opensuse-leap-oss 967 k libdw1 x86_64 0.185-150400.5.3.1 opensuse-leap-sle-update 229 k libeconf0 x86_64 0.4.6+git20220427.3016f4e-150400.3.3.1 opensuse-leap-sle-update 33 k libelf1 x86_64 0.185-150400.5.3.1 opensuse-leap-sle-update 68 k libexpat1 x86_64 2.4.4-150400.3.12.1 opensuse-leap-sle-update 112 k libffi7 x86_64 3.2.1.git259-10.8 opensuse-leap-oss 25 k libgcc_s1 x86_64 12.2.1+git416-150000.1.7.1 opensuse-leap-sle-update 62 k libgcrypt20 x86_64 1.9.4-150400.6.8.1 opensuse-leap-sle-update 475 k libgio-2_0-0 x86_64 2.70.5-150400.3.3.1 opensuse-leap-sle-update 687 k libgirepository-1_0-1 x86_64 1.70.0-150400.2.10 opensuse-leap-oss 116 k libglib-2_0-0 x86_64 2.70.5-150400.3.3.1 opensuse-leap-sle-update 650 k libgmodule-2_0-0 x86_64 2.70.5-150400.3.3.1 opensuse-leap-sle-update 109 k libgmp10 x86_64 6.1.2-4.9.1 opensuse-leap-oss 272 k libgobject-2_0-0 x86_64 2.70.5-150400.3.3.1 opensuse-leap-sle-update 232 k libgpg-error0 x86_64 1.42-150400.1.101 opensuse-leap-oss 158 k libgpgme11 x86_64 1.16.0-150400.1.80 opensuse-leap-oss 155 k libidn2-0 x86_64 2.2.0-3.6.1 opensuse-leap-oss 52 k libjitterentropy3 x86_64 3.4.0-150000.1.9.1 opensuse-leap-sle-update 25 k libjson-c3 x86_64 0.13-3.3.1 opensuse-leap-oss 41 k libkeyutils1 x86_64 1.6.3-5.6.1 opensuse-leap-oss 26 k libksba8 x86_64 1.3.5-150000.4.6.1 opensuse-leap-sle-update 104 k libldap-2_4-2 x86_64 2.4.46-150200.14.11.2 opensuse-leap-sle-update 168 k libldap-data noarch 2.4.46-150200.14.11.2 opensuse-leap-sle-update 35 k liblua5_3-5 x86_64 5.3.6-3.6.1 opensuse-leap-oss 101 k liblz4-1 x86_64 1.9.3-150400.1.7 opensuse-leap-oss 65 k liblzma5 x86_64 5.2.3-150000.4.7.1 opensuse-leap-oss 132 k libmagic1 x86_64 5.32-7.14.1 opensuse-leap-oss 74 k libmodulemd2 x86_64 2.13.0-150400.1.8 opensuse-leap-oss 150 k libmount1 x86_64 2.37.2-150400.8.14.1 opensuse-leap-sle-update 194 k libncurses6 x86_64 6.1-150000.5.12.1 opensuse-leap-sle-update 404 k libnghttp2-14 x86_64 1.40.0-6.1 opensuse-leap-oss 117 k libnpth0 x86_64 1.5-2.11 opensuse-leap-oss 33 k libnsl2 x86_64 1.2.0-2.44 opensuse-leap-oss 54 k libopenssl1_1 x86_64 1.1.1l-150400.7.34.1 opensuse-leap-sle-update 1.4 M libpcre1 x86_64 8.45-150000.20.13.1 opensuse-leap-sle-update 326 k libpopt0 x86_64 1.16-3.22 opensuse-leap-oss 55 k libpsl5 x86_64 0.20.1-150000.3.3.1 opensuse-leap-sle-update 62 k libpython3_6m1_0 x86_64 3.6.15-150300.10.45.1 opensuse-leap-sle-update 870 k libreadline7 x86_64 7.0-150400.25.22 opensuse-leap-oss 158 k librepo0 x86_64 1.14.2-150400.1.10 opensuse-leap-oss 81 k libsasl2-3 x86_64 2.1.27-150300.4.6.1 opensuse-leap-oss 58 k libselinux1 x86_64 3.1-150400.1.69 opensuse-leap-oss 78 k libsemanage1 x86_64 3.1-150400.1.65 opensuse-leap-oss 97 k libsepol1 x86_64 3.1-150400.1.70 opensuse-leap-oss 257 k libsmartcols1 x86_64 2.37.2-150400.8.14.1 opensuse-leap-sle-update 140 k libsqlite3-0 x86_64 3.39.3-150000.3.20.1 opensuse-leap-sle-update 633 k libssh-config x86_64 0.9.6-150400.1.5 opensuse-leap-oss 20 k libssh4 x86_64 0.9.6-150400.1.5 opensuse-leap-oss 189 k libstdc++6 x86_64 12.2.1+git416-150000.1.7.1 opensuse-leap-sle-update 588 k libsystemd0 x86_64 249.16-150400.8.25.7 opensuse-leap-sle-update 548 k libtirpc-netconfig x86_64 1.2.6-150300.3.17.1 opensuse-leap-sle-update 24 k libtirpc3 x86_64 1.2.6-150300.3.17.1 opensuse-leap-sle-update 101 k libudev1 x86_64 249.16-150400.8.25.7 opensuse-leap-sle-update 312 k libunistring2 x86_64 0.9.10-1.1 opensuse-leap-oss 365 k libusb-1_0-0 x86_64 1.0.24-150400.3.3.1 opensuse-leap-sle-update 70 k libverto1 x86_64 0.2.6-3.20 opensuse-leap-oss 18 k libxml2-2 x86_64 2.9.14-150400.5.13.1 opensuse-leap-sle-update 604 k libyaml-0-2 x86_64 0.1.7-1.17 opensuse-leap-oss 51 k libz1 x86_64 1.2.11-150000.3.39.1 opensuse-leap-sle-update 63 k libzck1 x86_64 1.1.16-150400.3.2.1 opensuse-leap-sle-update 43 k libzio1 x86_64 1.06-2.20 opensuse-leap-oss 25 k libzstd1 x86_64 1.5.0-150400.3.3.1 opensuse-leap-sle-update 401 k login_defs noarch 4.8.1-150400.10.3.1 opensuse-leap-sle-update 33 k pam x86_64 1.3.0-150000.6.61.1 opensuse-leap-sle-update 438 k perl-base x86_64 5.26.1-150300.17.11.1 opensuse-leap-sle-update 1.3 M permissions x86_64 20201225-150400.5.16.1 opensuse-leap-sle-update 45 k pinentry x86_64 1.1.0-4.3.1 opensuse-leap-oss 95 k pkg-config x86_64 0.29.2-1.436 opensuse-leap-oss 232 k python3 x86_64 3.6.15-150300.10.45.1 opensuse-leap-sle-update 85 k python3-base x86_64 3.6.15-150300.10.45.1 opensuse-leap-sle-update 7.5 M python3-curses x86_64 3.6.15-150300.10.45.1 opensuse-leap-sle-update 83 k python3-dbus-python x86_64 1.2.16-6.3.1 opensuse-leap-oss 123 k python3-distro noarch 1.5.0-3.5.1 opensuse-leap-oss 36 k python3-dnf noarch 4.10.0-bp154.2.65 opensuse-leap-oss 200 k python3-dnf-plugins-core noarch 4.0.24-bp154.1.27 opensuse-leap-oss 58 k python3-gobject x86_64 3.42.2-150400.3.3.2 opensuse-leap-sle-update 398 k python3-gpg x86_64 1.16.0-150400.1.80 opensuse-leap-oss 250 k python3-hawkey x86_64 0.65.0-150400.2.6 opensuse-leap-oss 95 k python3-libcomps x86_64 0.1.18-bp154.1.62 opensuse-leap-oss 42 k python3-libdnf x86_64 0.65.0-150400.2.6 opensuse-leap-oss 622 k python3-libmodulemd x86_64 2.13.0-150400.1.8 opensuse-leap-oss 15 k python3-python-dateutil noarch 2.8.1-1.24 opensuse-leap-oss 312 k python3-rpm x86_64 4.14.3-150300.55.1 opensuse-leap-sle-update 56 k python3-six noarch 1.14.0-12.1 opensuse-leap-oss 35 k rpm x86_64 4.14.3-150300.55.1 opensuse-leap-sle-update 1.5 M rpm-config-SUSE noarch 1-150400.14.3.1 opensuse-leap-sle-update 25 k shadow x86_64 4.8.1-150400.10.3.1 opensuse-leap-sle-update 611 k shared-mime-info x86_64 2.1-150400.3.5 opensuse-leap-oss 314 k system-user-root noarch 20190513-3.3.1 opensuse-leap-oss 9.0 k terminfo-base x86_64 6.1-150000.5.12.1 opensuse-leap-sle-update 206 k typelib-1_0-Modulemd-2_0 x86_64 2.13.0-150400.1.8 opensuse-leap-oss 24 k update-alternatives x86_64 1.19.0.4-150000.4.4.1 opensuse-leap-sle-update 43 k Transaction Summary ============================================================================================================================================================================================ Install 130 Packages Total download size: 41 M Installed size: 138 M Downloading Packages: (1/130): bash-sh-4.4-150400.25.22.x86_64.rpm 24 kB/s | 32 kB 00:01 (2/130): bash-4.4-150400.25.22.x86_64.rpm 331 kB/s | 522 kB 00:01 (3/130): cracklib-2.9.7-11.6.1.x86_64.rpm 169 kB/s | 58 kB 00:00 (4/130): coreutils-8.32-150400.7.5.x86_64.rpm 587 kB/s | 1.0 MB 00:01 (5/130): diffutils-3.6-4.3.1.x86_64.rpm 479 kB/s | 184 kB 00:00 (6/130): deltarpm-3.6.1-3.19.x86_64.rpm 457 kB/s | 212 kB 00:00 (7/130): dnf-data-4.10.0-bp154.2.65.noarch.rpm 179 kB/s | 58 kB 00:00 (8/130): dnf-4.10.0-bp154.2.65.noarch.rpm 222 kB/s | 76 kB 00:00 (9/130): file-magic-5.32-7.14.1.noarch.rpm 891 kB/s | 398 kB 00:00 (10/130): dnf-plugins-core-4.0.24-bp154.1.27.noarch.rpm 79 kB/s | 46 kB 00:00 (11/130): filesystem-15.0-11.8.1.x86_64.rpm 207 kB/s | 64 kB 00:00 (12/130): cracklib-dict-full-2.8.12-1.22.x86_64.rpm 1.9 MB/s | 3.1 MB 00:01 (13/130): fillup-1.42-2.18.x86_64.rpm 86 kB/s | 25 kB 00:00 (14/130): girepository-1_0-1.70.0-150400.2.10.x86_64.rpm 503 kB/s | 181 kB 00:00 (15/130): info-6.5-4.17.x86_64.rpm 475 kB/s | 173 kB 00:00 (16/130): libacl1-2.2.52-4.3.1.x86_64.rpm 89 kB/s | 27 kB 00:00 (17/130): libattr1-2.4.47-2.19.x86_64.rpm 84 kB/s | 26 kB 00:00 (18/130): libaudit1-3.0.6-150400.2.13.x86_64.rpm 201 kB/s | 59 kB 00:00 (19/130): libbrotlicommon1-1.0.7-3.3.1.x86_64.rpm 185 kB/s | 65 kB 00:00 (20/130): libbrotlidec1-1.0.7-3.3.1.x86_64.rpm 109 kB/s | 30 kB 00:00 (21/130): libbz2-1-1.0.8-150400.1.122.x86_64.rpm 192 kB/s | 59 kB 00:00 (22/130): libcap-ng0-0.7.9-4.37.x86_64.rpm 67 kB/s | 26 kB 00:00 (23/130): libcap2-2.63-150400.1.7.x86_64.rpm 132 kB/s | 40 kB 00:00 (24/130): libcomps0-0.1.18-bp154.1.62.x86_64.rpm 212 kB/s | 70 kB 00:00 (25/130): libcrack2-2.9.7-11.6.1.x86_64.rpm 71 kB/s | 21 kB 00:00 (26/130): libffi7-3.2.1.git259-10.8.x86_64.rpm 83 kB/s | 25 kB 00:00 (27/130): libgirepository-1_0-1-1.70.0-150400.2.10.x86_64.rpm 312 kB/s | 116 kB 00:00 (28/130): libdnf2-0.65.0-150400.2.6.x86_64.rpm 1.5 MB/s | 967 kB 00:00 (29/130): libgmp10-6.1.2-4.9.1.x86_64.rpm 732 kB/s | 272 kB 00:00 (30/130): libgpg-error0-1.42-150400.1.101.x86_64.rpm 447 kB/s | 158 kB 00:00 (31/130): libgpgme11-1.16.0-150400.1.80.x86_64.rpm 444 kB/s | 155 kB 00:00 (32/130): libidn2-0-2.2.0-3.6.1.x86_64.rpm 147 kB/s | 52 kB 00:00 (33/130): libjson-c3-0.13-3.3.1.x86_64.rpm 137 kB/s | 41 kB 00:00 (34/130): libkeyutils1-1.6.3-5.6.1.x86_64.rpm 85 kB/s | 26 kB 00:00 (35/130): liblz4-1-1.9.3-150400.1.7.x86_64.rpm 153 kB/s | 65 kB 00:00 (36/130): liblua5_3-5-5.3.6-3.6.1.x86_64.rpm 172 kB/s | 101 kB 00:00 (37/130): liblzma5-5.2.3-150000.4.7.1.x86_64.rpm 291 kB/s | 132 kB 00:00 (38/130): libmagic1-5.32-7.14.1.x86_64.rpm 210 kB/s | 74 kB 00:00 (39/130): libmodulemd2-2.13.0-150400.1.8.x86_64.rpm 418 kB/s | 150 kB 00:00 (40/130): libnghttp2-14-1.40.0-6.1.x86_64.rpm 331 kB/s | 117 kB 00:00 (41/130): libnpth0-1.5-2.11.x86_64.rpm 107 kB/s | 33 kB 00:00 (42/130): libnsl2-1.2.0-2.44.x86_64.rpm 184 kB/s | 54 kB 00:00 (43/130): libpopt0-1.16-3.22.x86_64.rpm 181 kB/s | 55 kB 00:00 (44/130): libreadline7-7.0-150400.25.22.x86_64.rpm 457 kB/s | 158 kB 00:00 (45/130): librepo0-1.14.2-150400.1.10.x86_64.rpm 245 kB/s | 81 kB 00:00 (46/130): libsasl2-3-2.1.27-150300.4.6.1.x86_64.rpm 171 kB/s | 58 kB 00:00 (47/130): libselinux1-3.1-150400.1.69.x86_64.rpm 235 kB/s | 78 kB 00:00 (48/130): libsemanage1-3.1-150400.1.65.x86_64.rpm 288 kB/s | 97 kB 00:00 (49/130): libsepol1-3.1-150400.1.70.x86_64.rpm 633 kB/s | 257 kB 00:00 (50/130): libssh-config-0.9.6-150400.1.5.x86_64.rpm 67 kB/s | 20 kB 00:00 (51/130): libssh4-0.9.6-150400.1.5.x86_64.rpm 519 kB/s | 189 kB 00:00 (52/130): libverto1-0.2.6-3.20.x86_64.rpm 63 kB/s | 18 kB 00:00 (53/130): libunistring2-0.9.10-1.1.x86_64.rpm 810 kB/s | 365 kB 00:00 (54/130): libyaml-0-2-0.1.7-1.17.x86_64.rpm 165 kB/s | 51 kB 00:00 (55/130): libzio1-1.06-2.20.x86_64.rpm 84 kB/s | 25 kB 00:00 (56/130): pinentry-1.1.0-4.3.1.x86_64.rpm 276 kB/s | 95 kB 00:00 (57/130): pkg-config-0.29.2-1.436.x86_64.rpm 629 kB/s | 232 kB 00:00 (58/130): python3-dbus-python-1.2.16-6.3.1.x86_64.rpm 376 kB/s | 123 kB 00:00 (59/130): python3-distro-1.5.0-3.5.1.noarch.rpm 116 kB/s | 36 kB 00:00 (60/130): python3-dnf-4.10.0-bp154.2.65.noarch.rpm 555 kB/s | 200 kB 00:00 (61/130): python3-dnf-plugins-core-4.0.24-bp154.1.27.noarch.rpm 200 kB/s | 58 kB 00:00 (62/130): python3-gpg-1.16.0-150400.1.80.x86_64.rpm 663 kB/s | 250 kB 00:00 (63/130): python3-hawkey-0.65.0-150400.2.6.x86_64.rpm 281 kB/s | 95 kB 00:00 (64/130): python3-libcomps-0.1.18-bp154.1.62.x86_64.rpm 118 kB/s | 42 kB 00:00 (65/130): python3-libmodulemd-2.13.0-150400.1.8.x86_64.rpm 49 kB/s | 15 kB 00:00 (66/130): python3-libdnf-0.65.0-150400.2.6.x86_64.rpm 1.2 MB/s | 622 kB 00:00 (67/130): python3-python-dateutil-2.8.1-1.24.noarch.rpm 736 kB/s | 312 kB 00:00 (68/130): python3-six-1.14.0-12.1.noarch.rpm 116 kB/s | 35 kB 00:00 (69/130): system-user-root-20190513-3.3.1.noarch.rpm 76 kB/s | 9.0 kB 00:00 (70/130): shared-mime-info-2.1-150400.3.5.x86_64.rpm 811 kB/s | 314 kB 00:00 (71/130): typelib-1_0-Modulemd-2_0-2.13.0-150400.1.8.x86_64.rpm 76 kB/s | 24 kB 00:00 (72/130): dbus-1-1.12.2-150400.18.5.1.x86_64.rpm 492 kB/s | 249 kB 00:00 (73/130): glib2-tools-2.70.5-150400.3.3.1.x86_64.rpm 527 kB/s | 201 kB 00:00 (74/130): gio-branding-SLE-15-150400.27.2.1.noarch.rpm 31 kB/s | 18 kB 00:00 (75/130): grep-3.1-150000.4.6.1.x86_64.rpm 538 kB/s | 308 kB 00:00 (76/130): glibc-2.31-150300.46.1.x86_64.rpm 1.3 MB/s | 1.7 MB 00:01 (77/130): gpg2-2.2.27-150300.3.5.1.x86_64.rpm 1.4 MB/s | 1.9 MB 00:01 (78/130): krb5-1.19.2-150400.3.3.1.x86_64.rpm 756 kB/s | 633 kB 00:00 (79/130): libassuan0-2.5.5-150000.4.3.1.x86_64.rpm 200 kB/s | 70 kB 00:00 (80/130): libcom_err2-1.46.4-150400.3.3.1.x86_64.rpm 128 kB/s | 40 kB 00:00 (81/130): libblkid1-2.37.2-150400.8.14.1.x86_64.rpm 462 kB/s | 179 kB 00:00 (82/130): libcrypt1-4.4.15-150300.4.4.3.x86_64.rpm 290 kB/s | 105 kB 00:00 (83/130): libdbus-1-3-1.12.2-150400.18.5.1.x86_64.rpm 375 kB/s | 151 kB 00:00 (84/130): libcurl4-7.79.1-150400.5.18.1.x86_64.rpm 823 kB/s | 419 kB 00:00 (85/130): libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1.x86_64.rpm 118 kB/s | 33 kB 00:00 (86/130): libelf1-0.185-150400.5.3.1.x86_64.rpm 225 kB/s | 68 kB 00:00 (87/130): libexpat1-2.4.4-150400.3.12.1.x86_64.rpm 320 kB/s | 112 kB 00:00 (88/130): libdw1-0.185-150400.5.3.1.x86_64.rpm 225 kB/s | 229 kB 00:01 (89/130): libgcc_s1-12.2.1+git416-150000.1.7.1.x86_64.rpm 170 kB/s | 62 kB 00:00 (90/130): libgcrypt20-1.9.4-150400.6.8.1.x86_64.rpm 750 kB/s | 475 kB 00:00 (91/130): libgio-2_0-0-2.70.5-150400.3.3.1.x86_64.rpm 988 kB/s | 687 kB 00:00 (92/130): libglib-2_0-0-2.70.5-150400.3.3.1.x86_64.rpm 944 kB/s | 650 kB 00:00 (93/130): libgmodule-2_0-0-2.70.5-150400.3.3.1.x86_64.rpm 327 kB/s | 109 kB 00:00 (94/130): libjitterentropy3-3.4.0-150000.1.9.1.x86_64.rpm 89 kB/s | 25 kB 00:00 (95/130): libgobject-2_0-0-2.70.5-150400.3.3.1.x86_64.rpm 584 kB/s | 232 kB 00:00 (96/130): libksba8-1.3.5-150000.4.6.1.x86_64.rpm 321 kB/s | 104 kB 00:00 (97/130): libldap-2_4-2-2.4.46-150200.14.11.2.x86_64.rpm 460 kB/s | 168 kB 00:00 (98/130): libmount1-2.37.2-150400.8.14.1.x86_64.rpm 526 kB/s | 194 kB 00:00 (99/130): libldap-data-2.4.46-150200.14.11.2.noarch.rpm 55 kB/s | 35 kB 00:00 (100/130): libncurses6-6.1-150000.5.12.1.x86_64.rpm 839 kB/s | 404 kB 00:00 (101/130): libpcre1-8.45-150000.20.13.1.x86_64.rpm 664 kB/s | 326 kB 00:00 (102/130): libpsl5-0.20.1-150000.3.3.1.x86_64.rpm 131 kB/s | 62 kB 00:00 (103/130): libopenssl1_1-1.1.1l-150400.7.34.1.x86_64.rpm 1.4 MB/s | 1.4 MB 00:01 (104/130): libsmartcols1-2.37.2-150400.8.14.1.x86_64.rpm 361 kB/s | 140 kB 00:00 (105/130): libpython3_6m1_0-3.6.15-150300.10.45.1.x86_64.rpm 1.1 MB/s | 870 kB 00:00 (106/130): libsqlite3-0-3.39.3-150000.3.20.1.x86_64.rpm 1.0 MB/s | 633 kB 00:00 (107/130): libstdc++6-12.2.1+git416-150000.1.7.1.x86_64.rpm 981 kB/s | 588 kB 00:00 (108/130): libsystemd0-249.16-150400.8.25.7.x86_64.rpm 1.1 MB/s | 548 kB 00:00 (109/130): libtirpc-netconfig-1.2.6-150300.3.17.1.x86_64.rpm 75 kB/s | 24 kB 00:00 (110/130): libtirpc3-1.2.6-150300.3.17.1.x86_64.rpm 332 kB/s | 101 kB 00:00 (111/130): libusb-1_0-0-1.0.24-150400.3.3.1.x86_64.rpm 205 kB/s | 70 kB 00:00 (112/130): libudev1-249.16-150400.8.25.7.x86_64.rpm 799 kB/s | 312 kB 00:00 (113/130): libz1-1.2.11-150000.3.39.1.x86_64.rpm 200 kB/s | 63 kB 00:00 (114/130): libzck1-1.1.16-150400.3.2.1.x86_64.rpm 125 kB/s | 43 kB 00:00 (115/130): libxml2-2-2.9.14-150400.5.13.1.x86_64.rpm 904 kB/s | 604 kB 00:00 (116/130): login_defs-4.8.1-150400.10.3.1.noarch.rpm 111 kB/s | 33 kB 00:00 (117/130): libzstd1-1.5.0-150400.3.3.1.x86_64.rpm 765 kB/s | 401 kB 00:00 (118/130): pam-1.3.0-150000.6.61.1.x86_64.rpm 880 kB/s | 438 kB 00:00 (119/130): permissions-20201225-150400.5.16.1.x86_64.rpm 153 kB/s | 45 kB 00:00 (120/130): python3-3.6.15-150300.10.45.1.x86_64.rpm 272 kB/s | 85 kB 00:00 (121/130): perl-base-5.26.1-150300.17.11.1.x86_64.rpm 1.6 MB/s | 1.3 MB 00:00 (122/130): python3-curses-3.6.15-150300.10.45.1.x86_64.rpm 241 kB/s | 83 kB 00:00 (123/130): python3-gobject-3.42.2-150400.3.3.2.x86_64.rpm 868 kB/s | 398 kB 00:00 (124/130): python3-rpm-4.14.3-150300.55.1.x86_64.rpm 152 kB/s | 56 kB 00:00 (125/130): rpm-config-SUSE-1-150400.14.3.1.noarch.rpm 85 kB/s | 25 kB 00:00 (126/130): shadow-4.8.1-150400.10.3.1.x86_64.rpm 813 kB/s | 611 kB 00:00 (127/130): rpm-4.14.3-150300.55.1.x86_64.rpm 1.4 MB/s | 1.5 MB 00:01 (128/130): update-alternatives-1.19.0.4-150000.4.4.1.x86_64.rpm 128 kB/s | 43 kB 00:00 (129/130): terminfo-base-6.1-150000.5.12.1.x86_64.rpm 482 kB/s | 206 kB 00:00 (130/130): python3-base-3.6.15-150300.10.45.1.x86_64.rpm 1.8 MB/s | 7.5 MB 00:04 -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 1.8 MB/s | 41 MB 00:22 openSUSE Leap 15.4 - x86_64 - OSS 965 kB/s | 988 B 00:00 Importing GPG key 0x3DBDC284: Userid : "openSUSE Project Signing Key <opensuse>" Fingerprint: 22C0 7BA5 3417 8CD0 2EFE 22AA B88B 2FD4 3DBD C284 From : /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE Key imported successfully openSUSE Leap 15.4 - x86_64 - OSS 1.1 MB/s | 1.1 kB 00:00 Importing GPG key 0x65176565: Userid : "openSUSE:Backports OBS Project <openSUSE:Backports.org>" Fingerprint: 637B 32FF 3D83 F07A 7AE1 C40A 9C21 4D40 6517 6565 From : /usr/share/distribution-gpg-keys/opensuse/RPM-GPG-KEY-openSUSE-Backports error: Certificate 9C214D4065176565: The certificate is expired: The primary key is not live Reproducible: Always Steps to Reproduce: See Details above. Actual Results: mock fails Expected Results: mock should succeed As much as the above describes mock as being the symptom, the problem is actually the expired key being included in distribution-gpg-keys. This key appears to have been expired through many past Fedora releases also. It seems that some new behaviour in mock in F38 has triggered it though. mock seems to install dnf now where it did not in F37:$ mock -r opensuse-leap-15.4-x86_64 --shell id INFO: mock.py version 3.5 starting (python version = 3.11.3, NVR = mock-3.5-1.fc37)... Start(bootstrap): init plugins INFO: selinux enabled Finish(bootstrap): init plugins Start: init plugins INFO: selinux enabled Finish: init plugins INFO: Signal handler active Start: run Start(bootstrap): chroot init INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata INFO: enabled HW Info plugin Finish(bootstrap): chroot init Start: chroot init INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin Finish: chroot init Start: shell uid=0(root) gid=0(root) groups=0(root) Finish: shell