Description of problem: I get GPG errors when updating glibc-headers-2.3.2-101.4.i386.rpm via up2date: glibc-headers-2.3.2-101.4.i The package glibc-headers-2.3.2-101.4 does not have a valid GPG signature. It has been tampered with or corrupted. Aborting... ************ GPG VERIFICATION ERROR **************** The package glibc-headers-2.3.2-101.4 failed its gpg signature verification. Thi s means the package is corrupt. **************************************************** I downloaded the package from http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386/ and ran <# rpm -q --pkgid glibc-headers-2.3.2-101.4.i386.rpm> command. here is the output: malformed pkgid: glibc-headers-2.3.2-101.4.i386.rpm Version-Release number of selected component (if applicable): 2.3.2-101.4 How reproducible: rpm -q --pkgid glibc-headers-2.3.2-101.4.i386.rpm Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
The first error (does not have a valid GPG signature) means the file was crippled during transmission (it verifies ok on the master side or mirrors I've tried), just retry. The latter is an operator error, please read rpm manual page. If you want to verify signature, use rpm -K glibc-headers*.i386.rpm, --pkgid option's argument is not a filename, but a package id.