Bug 112978 - up2date tells that package is tampered or corrupted
up2date tells that package is tampered or corrupted
Status: CLOSED DUPLICATE of bug 111601
Product: Fedora
Classification: Fedora
Component: up2date (Show other bugs)
1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Adrian Likins
Fanny Augustin
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-01-06 17:10 EST by Sergey
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 14:00:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sergey 2004-01-06 17:10:01 EST
Description of problem:

up2date tells that package is tampered or corrupted

Version-Release number of selected component (if applicable):
  up2date Version     : 4.1.16 Release     : 1 

How reproducible:
sudo up2date -u

Additional info:
i've tried 6-7 times and always get this error# up2date -u -d --force
Fetching package list for channel: fedora-core-1... Fetching
http://fedora.redhat.com/releases/fedora-core-1/headers/header.info...########################################
Fetching package list for channel: updates-released...
Fetchinghttp://fedora.redhat.com/updates/released/fedora-core-1/headers/header.info...########################################
Fetching Obsoletes list for channel: fedora-core-1... Fetching
Obsoletes list for channel: updates-released... Name                 
                  Version       
Rel----------------------------------------------------------kernel  
                               2.4.22         1.2138.nptl         i686
 Testing package set / solving RPM
inter-dependencies...########################################kernel-2.4.22-1.2138.nptl.i
The package kernel-2.4.22-1.2138.nptl does not havea valid GPG
signature.It has been tampered with or corrupted.  Aborting...
************ GPG VERIFICATION ERROR ****************The package
kernel-2.4.22-1.2138.nptl failed its gpg signature verification.This
means the package is
corrupt.****************************************************
Comment 1 Gary Algier 2004-01-22 11:01:55 EST
Additional issues/problems with this:
1) If one is using up2date to download multiple packages, it exits
   on the first error.  It should skip over the problem and
   keep trying the others.
2) It exits with a zero exit status.  This makes it impossible
   to do something like:
       % until up2date -u --nox -d -f ; sleep 60; done
   that I could otherwise use to keep trying until I get
   all the downloads.
Comment 2 P Fudd 2004-02-06 04:16:17 EST
The file isn't corrupted so much as it's not all downloaded yet.

rpm -Kv kernel-2.4.22-1.2138.nptl.i686.rpm
If it says SHA1 is fine, but MD5 and GPG are bad, the file is too short.

ls -l kernel-2.4.22-1.2138.nptl.i686.rpm
If the size isn't the same as what's on the ftp site, same thing.

I've found 'wget -c ....' will resume the download and the resulting
file is no longer 'corrupt'.

A fix would be for rpm to check the size first, and for up2date to do
likewise, I guess.
Comment 3 Jef Spaleta 2004-02-06 10:52:25 EST

*** This bug has been marked as a duplicate of 111601 ***
Comment 4 Red Hat Bugzilla 2006-02-21 14:00:34 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.