Bug 55835
| Summary: | rpm check signature fails first time it is run | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Jeremy Sanders <jss> |
| Component: | rpm | Assignee: | Jeff Johnson <jbj> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.2 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2001-11-07 17:36:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Jeremy Sanders
2001-11-07 15:21:57 UTC
Add a third step: 3. ll ~/.gnupg You'll discover that gnupg has created a default ~/.gnupg which contains a default options file and an empty public and secure key-ring. You also need to use gpg to import whatever public keys you wish to use for package verification. I still think this a bug. I'm aware you need to import keys, but the initial message (which you'd get after a fresh install) is: LPRng-3.7.4-28.i386.rpm: md5 GPG NOT OK Which implies there's something wrong with the package (it doesn't even say the md5 is okay), even though it just means that gpg hasn't been run before. rpm should give the same message on different invocations. I think it's a bug too, fix well underway on the development branch of rpm. Hint: signatures are always verified when package is read, user doesn't get a choice. |