Bug 138619 - Clean install didn't RPM install default Fedora gpg key (RPM-GPG-KEY)
Summary: Clean install didn't RPM install default Fedora gpg key (RPM-GPG-KEY)
Alias: None
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
(Show other bugs)
Version: 3
Hardware: i386 Linux
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Mike McLean
: 142793 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2004-11-10 09:59 UTC by Sitsofe Wheeler
Modified: 2007-11-30 22:10 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-10 14:37:36 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Sitsofe Wheeler 2004-11-10 09:59:47 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2)
Gecko/20040804 Galeon/1.3.17

Description of problem:
With yum now defaulting to gpg checking (which is good) I would expect
the default Fedora key (the one called RPM-GPG-KEY on the CD) to be
installed at installation time.

Version-Release number of selected component (if applicable):
anaconda- (not installed)

How reproducible:

Steps to Reproduce:
1. After a fresh install do rpm -qa | grep gpg-pubkey

Actual Results:  Nothing is returned.

Expected Results:  To see at least gpg-pubkey-4f2a6fd2-3f9d9d3b

Additional info:

Comment 1 Jeremy Katz 2004-11-10 14:37:36 UTC
The problem is that although trusting the media if you're doing a CD
install might be reasonable, it's definitely not reasonable to trust
it if you're installing from a remote network source.  And anything
along these lines needs to be done the same for all installation types.

Comment 2 Sitsofe Wheeler 2004-11-10 15:20:14 UTC
Hmm I see what you are saying but it feels rather circular. If you
can't trust the medium that you initially installed from then you are
already dead in the water, since the RPMs comming down the network
card could already have been replaced with trojans... Surely starting
the trust during the install is the best you could ever hope for?

Comment 3 Rahul Sundaram 2005-06-20 19:54:33 UTC
*** Bug 142793 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.