Bug 1046332 - GPG key check fails
Summary: GPG key check fails
Alias: None
Product: Fedora
Classification: Fedora
Component: fedup
Version: 20
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: Will Woods
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2013-12-24 15:30 UTC by Michael Cronenworth
Modified: 2014-01-23 21:26 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2014-01-23 21:13:43 UTC
Type: Bug

Attachments (Terms of Use)

Description Michael Cronenworth 2013-12-24 15:30:13 UTC
Description of problem:
fedup downloads all of the RPMs necessary for update and then fails:

Downloading failed: GPG key retrieval failed: [Errno 14] curl#37 - "Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-x86_64"

Version-Release number of selected component (if applicable):

The key /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-x86_64 is only available in fedora-release-19-2.noarch. Later versions removed the link in the vein that fedup would use the version in the file to pull in the correct GPG key. Who is to blame here?


Comment 1 Michael Cronenworth 2013-12-24 15:35:41 UTC
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-20-x86_64

Comment 2 Will Woods 2014-01-23 21:13:43 UTC
This happens if the gpgkey listed in a .repo file doesn't exist, or if the path is wrong. 

Since fedup doesn't own the .repo files or the keys, there's nothing I can do in fedup to fix this - the problem belongs to whoever owns the repo files and the keys.

The .repo files and keys provided by fedora-release-19-5 are confirmed to have the correct paths, so this should be fixed for most users.

Some people might still have their old .repo file in place. Check to see if there's a corresponding .repo.rpmnew file, and use that to update the .repo file.

Otherwise, you must have custom/3rd party .repo files that have the wrong gpgkey path, which you should fix (or ask the distributor to fix).

Comment 3 Michael Cronenworth 2014-01-23 21:26:56 UTC
Yes, this problem is due to old .repo files.

Would it be helpful to output a better error message? The current one is too obscure. Something such as "Please check that your repo files and GPG keys are up-to-date/correct versions."

Note You need to log in before you can comment on or make changes to this bug.