Red Hat Bugzilla – Bug 113249
up2date problems with gpg
Last modified: 2007-11-30 17:10:35 EST
Description of problem:
Fedora core now seems to require gpg keys for the material
installed/updated on the box. I have found the following packages
will not install due to problems with gpg not being able to verify the
nptl-devel (requires glibc)
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Fresh install Fedora Core 1 disks from website
2. Begin Up2Date from the RHN Alert Notification Tool
3. Select Packages to Install
Some packages install without issue. The others come up with a
message the gpg key was not verified. If you continue, it will d/l
the remaining packages, however when it goes to install, the first
file it comes to with a gpg problem seems to be corrupted and up2date
exits out at that point. Had to install packages 1 by 1 till I was
able to locate all the files with this problem.
Should read and verify key and install normally as does RH9.
If I have missed something in the documentation or on the websites FAQ
and how to lists please steer me in the right direction. Thanks Alan
Aha! I found the problem!
If the rpm file doesn't get fully downloaded (which happens a lot),
the GPG key will fail to verify, and give this error!
Two ways of checking this:
1) rpm -Kv the-rpm-file-in-question.i386.rpm
If the md5 checksum fails as well as the gpg signature, the rpm got
2) ls -l the-rpm-file.i386.rpm
If the size doesn't match what's on the ftp site, the rpm got cut off.
Workaround: download the file with 'wget -c .....' or something.
Fix: make rpm check the size before the signature; make up2date do a
better job of downloading.
This is a duplicate of bug #111601. Someone at Red Hat please mark it
*** This bug has been marked as a duplicate of 111601 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.