Bug 113249 - up2date problems with gpg
Summary: up2date problems with gpg
Status: CLOSED DUPLICATE of bug 111601
Alias: None
Product: Fedora
Classification: Fedora
Component: up2date   
(Show other bugs)
Version: 1
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Adrian Likins
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-01-10 17:36 UTC by Alan Deaton
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 19:00:42 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Alan Deaton 2004-01-10 17:36:23 UTC 
Description of problem:

Fedora core now seems to require gpg keys for the material
installed/updated on the box.  I have found the following packages
will not install due to problems with gpg not being able to verify the
package content:

     Kernel-2.4.22-1.2140
     binutils-2.14.90.0.6-4
     glibc-2.3.2-101.1
     gnupg-1.2.3-2
     gphoto2-2.1.3-1
     gphoto2-2.1.3-1
     httpd-2.0.48.1.2
     net-snmp-5.1-2.1
     nptl-devel (requires glibc)
     php-4.3.4-1.1
     
Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Fresh install Fedora Core 1 disks from website
2. Begin Up2Date from the RHN Alert Notification Tool
3. Select Packages to Install
  
Actual results:

Some packages install without issue.  The others come up with a
message the gpg key was not verified.  If you continue, it will d/l
the remaining packages, however when it goes to install, the first
file it comes to with a gpg problem seems to be corrupted and up2date
exits out at that point.  Had to install packages 1 by 1 till I was
able to locate all the files with this problem.

Expected results:

Should read and verify key and install normally as does RH9.

Additional info:

If I have missed something in the documentation or on the websites FAQ
and how to lists please steer me in the right direction. Thanks Alan
Comment 1 P Fudd 2004-02-06 08:39:34 UTC 
Aha!  I found the problem!

If the rpm file doesn't get fully downloaded (which happens a lot),
the GPG key will fail to verify, and give this error!

Two ways of checking this:

1) rpm -Kv the-rpm-file-in-question.i386.rpm

If the md5 checksum fails as well as the gpg signature, the rpm got
cut off.

2) ls -l the-rpm-file.i386.rpm

If the size doesn't match what's on the ftp site, the rpm got cut off.

Workaround: download the file with 'wget -c .....' or something.

Fix: make rpm check the size before the signature; make up2date do a
better job of downloading.
Comment 2 William M. Quarles 2004-06-29 20:53:16 UTC 
This is a duplicate of bug #111601.  Someone at Red Hat please mark it
as such.
Comment 3 Adrian Likins 2004-08-24 22:19:06 UTC 

*** This bug has been marked as a duplicate of 111601 ***
Comment 4 Red Hat Bugzilla 2006-02-21 19:00:42 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.
Note You need to log in before you can comment on or make changes to this bug.