Bug 355331

Summary: Package wpa_supplicant-0.5.7-12.fc8.i386.rpm is not signed
Product: [Fedora] Fedora Reporter: Dick Franks <rwfranks>
Component: fedora-releaseAssignee: David Cantrell <dcantrell>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: rawhideCC: drussell, john, wwoods
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-27 16:10:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
rubygems fails with --nogpgcheck none

Description Dick Franks 2007-10-27 15:24:33 UTC 
Description of problem:

wpa_supplicant RPM not signed.
Although of little interest in itself, problem causes yum update to abort
without doing anything.

Version-Release number of selected component (if applicable):
0.5.7-12

How reproducible:
100%

Steps to Reproduce:
1. yum update wpa_supplicant
2.
3.
  
Actual results:

# yum update wpa_supplicant
Loading "refresh-updatesd" plugin
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package wpa_supplicant.i386 1:0.5.7-12.fc8 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Updating:
 wpa_supplicant          i386       1:0.5.7-12.fc8   fedora            253 k

Transaction Summary
=============================================================================
Install      0 Package(s)         
Update       1 Package(s)         
Remove       0 Package(s)         

Total download size: 253 k
Is this ok [y/N]: y
Downloading Packages:

Package wpa_supplicant-0.5.7-12.fc8.i386.rpm is not signed

Expected results:
Download and update of RPM

Additional info:

yum makes no attempt to update packages which do not depend on failed RPM.
This is something for yum developers to consider.
Comment 1 Will Woods 2007-10-27 16:10:35 UTC 
Pre-release packages are not signed. We made a mistake in changing the default
repositories from 'development' to 'fedora' and 'updates' (which require signed
packages) before the final F8 package set was ready.

Once F8 is completed we will sign the packages for the final release and this
problem will go away.

Until that happens, either:
1) Switch back to using the 'development' repo and disable 'fedora' and 'updates'
or
2) Disable gpg checking on the 'fedora' repo.
Comment 2 Will Woods 2007-10-27 16:26:42 UTC 
*** Bug 355361 has been marked as a duplicate of this bug. ***
Comment 3 Will Woods 2007-10-27 16:31:10 UTC 
*** Bug 355341 has been marked as a duplicate of this bug. ***
Comment 4 Will Woods 2007-10-27 16:31:19 UTC 
*** Bug 355311 has been marked as a duplicate of this bug. ***
Comment 5 Will Woods 2007-10-27 16:31:46 UTC 
*** Bug 355301 has been marked as a duplicate of this bug. ***
Comment 6 Will Woods 2007-10-27 16:36:52 UTC 
*** Bug 355181 has been marked as a duplicate of this bug. ***
Comment 7 John Fletcher 2007-10-27 17:00:25 UTC 
You have marked various other bugs which I have submitted as duplicates of this.

I am not convinced of this because some of them were run with --nogpgcheck 
or else the presence of --nogpgcheck made no difference.

I have been able to overcome the no signature problem with --nogpgcheck and I
believe there is a different problem with the installation of e.g. ginac and
gnuplot. 

There is evidence of this in the log files attached to the other (discarded)
reports.

I will not submit any further such reports - I will monitor what comes of it.

John Fletcher
Comment 8 John Fletcher 2007-10-27 17:05:21 UTC 
Created attachment 240581 [details]
rubygems fails with --nogpgcheck
Comment 9 Will Woods 2007-10-27 17:12:04 UTC 
I'd suggest changing the repository files (as discussed in comment #1) and then
running:

yum clean all

it looks like you might have gotten some bad/mixed up metadata or
half-downloaded files.

hope that helps.
Comment 10 Dick Franks 2007-10-29 16:15:55 UTC 
It did.

Selected develpment repo and cleaned out metadata, now ok.

Thanks
Comment 11 Will Woods 2007-10-30 16:30:40 UTC 
*** Bug 358521 has been marked as a duplicate of this bug. ***
Comment 12 Jesse Keating 2007-10-30 16:45:08 UTC 
All packages in rawhide should be signed now leading up to the F8 release.