125355 – can't upgrade xemacs packages

Bug 125355 - can't upgrade xemacs packages

Summary: can't upgrade xemacs packages

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	xemacs
Sub Component:
Version:	2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jens Petersen
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-06-04 23:26 UTC by Dave Rogers
Modified:	2007-11-30 22:10 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2004-06-06 20:02:25 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Dave Rogers 2004-06-04 23:26:53 UTC

Description of problem:
When I try to update the package index, list and install or update
installed packages I always get the same error: "Can't check
signature: Public key 82EDF2C1D1DD84CD not found"

Version-Release number of selected component (if applicable): 
[version 21.4.15; April 2004]

How reproducible:
always


Steps to Reproduce:
1. Click Tools > Packages > Update Package Index or List and Install
or Update Installed Packages
2.
3.
  
Actual results:
"Can't check signature: Public key 82EDF2C1D1DD84CD not found"

Expected results:
Get a new package index or a list of packages with the option to
upgrade or an automatice upgrade of all installed packages.

Additional info:

This works fine on FC1 with xemacs version 21.4.14

Comment 1 Jens Petersen 2004-06-06 17:16:47 UTC

See bug 120437.

Should get fixed in next build.

Comment 2 Jens Petersen 2004-06-06 17:25:15 UTC

Oops, forgot comment 1 - that patch has already been applied.

Ville, any ideas?

Comment 3 Ville Skyttä 2004-06-06 17:49:22 UTC

Like the error message says, the problem is that you don't have the
XEmacs package manager's GPG key installed.  So, either:

1) Import the key (0xD1DD84CD) to the GPG keyring of the user you are
updating the packages with (I'd recommend a non-root user, BTW). 
XEmacs should try to do this automatically, but apparently it fails
for you for some reason (no keyserver configured in
~/.gnupg/gpg.conf?).  The key can be found eg. at
http://pgp.mit.edu:11371/pks/lookup?search=0xD1DD84CD&op=index

2) Disable GPG checking by unchecking the
"Options->Advanced->Emacs->Package Tools->Package Get->Require Signed
Base Updates" checkbox, and remember to save the settings.

I've just done a successful package update using a normal user account
and having the GPG key imported with 21.4.15-5.  Most likely there
will be about 20 second delay during "Verifying..." when the GPG sig
is verified, that's a known but a cosmetic problem in (upstream) 21.4.15.

So, I'd say NOTABUG or WORKSFORME... :)

Comment 4 Ville Skyttä 2004-06-06 17:55:08 UTC

Oh, and of course an easy way to import the key would be for example:

  gpg --keyserver pgp.mit.edu --recv-keys D1DD84CD

Comment 5 Dave Rogers 2004-06-06 19:42:20 UTC

I tried Ville's suggestion and it works fine for me. So perhaps this
"bug" should be closed and listed as my ignorance of a new feature.
Further proof of why open source and Fedora is the only way to go!
Thanks to all. 

dave

Comment 6 Jens Petersen 2004-06-06 20:02:25 UTC

Thanks.

Note You need to log in before you can comment on or make changes to this bug.