Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1213876

Summary: spacewalk latest-client packages signed with GPG V4 key - CentOS 5 yum update fails
Product: [Community] Spacewalk Reporter: Göran Törnqvist <goran.tornqvist>
Component: InstallationAssignee: Tomáš Kašpárek <tkasparek>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 2.3CC: jpazdziora
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-03-03 12:24:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1484117    

Description Göran Törnqvist 2015-04-21 13:22:23 UTC 
Description of problem:
When trying to update CentOS-5 hosts with the latest client from http://yum.spacewalkproject.org/latest-client/RHEL/5/x86_64/ , example:
osad-5.11.57-1.el5.noarch.rpm , I get:
error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID 066e5810

When comparing the signing key with the old versions I can see that it´s a different key.

osad-5.11.57-1.el5.noarch.rpm signing Key: 41605346066e5810
osad-5.11.43-1.el5.noarch.rpm signing Key: 0e646f68863a853d

So it looks like the GPG key has changed, is this intentional?

Version-Release number of selected component (if applicable):
RPMs with build date: 2015-03-25

How reproducible:
yum localupdate http://yum.spacewalkproject.org/latest-client/RHEL/5/x86_64/osad-5.11.57-1.el5.noarch.rpm

Actual results:

Expected results:

Additional info:
Comment 1 Göran Törnqvist 2015-04-22 06:30:49 UTC 
So just to clarify :)
I know there´s a new key here:
http://spacewalk.redhat.com/yum/RPM-GPG-KEY-spacewalk-2015
But even if I import it, it doesnt work - I guess it´s because CentOS-5 cannot handle GPG V4 which the RPMs are signed with...

rpm -v --checksig osad-5.11.57-1.el5.noarch.rpm
osad-5.11.57-1.el5.noarch.rpm:
    Header V4 RSA/SHA1 signature: BAD, key ID 066e5810
    Header SHA1 digest: OK (510f046268a4f61a923a45da35b0f4289a1919a2)
    V4 RSA/SHA1 signature: BAD, key ID 066e5810
    MD5 digest: OK (a66ce28020b37aa0f6d18f1764f1aa08)
Comment 2 Göran Törnqvist 2015-04-23 09:50:44 UTC 
Aha, it may be due to this:

https://fedorahosted.org/spacewalk/wiki/ReleaseNotes23
Spacewalk 2.3 on RHEL 5 (CentOS 5)
Spacewalk is now no longer supported running on RHEL5/CentOS5
Comment 3 Jan Pazdziora (Red Hat) 2015-05-04 07:58:28 UTC 
(In reply to Göran Törnqvist from comment #2)
> Aha, it may be due to this:
> 
> https://fedorahosted.org/spacewalk/wiki/ReleaseNotes23
> Spacewalk 2.3 on RHEL 5 (CentOS 5)
> Spacewalk is now no longer supported running on RHEL5/CentOS5

That should not affect clients.

I believe the problem is now resolved, with

  https://www.redhat.com/archives/spacewalk-list/2015-April/msg00081.html

Could you please retry and see if you still hit the issue?
Comment 4 Göran Törnqvist 2015-05-04 11:32:54 UTC 
Resynced my channels and all is working well now, thanks.
Comment 5 Tomáš Kašpárek 2017-03-03 12:24:47 UTC 
closing according to comment#4
Comment 6 Eric Herget 2017-09-28 18:10:21 UTC 
This BZ closed some time during 2.5, 2.6 or 2.7.  Adding to 2.7 tracking bug.