Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 138619 - Clean install didn't RPM install default Fedora gpg key (RPM-GPG-KEY)
Clean install didn't RPM install default Fedora gpg key (RPM-GPG-KEY)
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
i386 Linux
medium Severity low
: ---
: ---
Assigned To: Jeremy Katz
Mike McLean
: 142793 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2004-11-10 04:59 EST by Sitsofe Wheeler
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-10 09:37:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Sitsofe Wheeler 2004-11-10 04:59:47 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2)
Gecko/20040804 Galeon/1.3.17

Description of problem:
With yum now defaulting to gpg checking (which is good) I would expect
the default Fedora key (the one called RPM-GPG-KEY on the CD) to be
installed at installation time.

Version-Release number of selected component (if applicable):
anaconda- (not installed)

How reproducible:

Steps to Reproduce:
1. After a fresh install do rpm -qa | grep gpg-pubkey

Actual Results:  Nothing is returned.

Expected Results:  To see at least gpg-pubkey-4f2a6fd2-3f9d9d3b

Additional info:
Comment 1 Jeremy Katz 2004-11-10 09:37:36 EST
The problem is that although trusting the media if you're doing a CD
install might be reasonable, it's definitely not reasonable to trust
it if you're installing from a remote network source.  And anything
along these lines needs to be done the same for all installation types.
Comment 2 Sitsofe Wheeler 2004-11-10 10:20:14 EST
Hmm I see what you are saying but it feels rather circular. If you
can't trust the medium that you initially installed from then you are
already dead in the water, since the RPMs comming down the network
card could already have been replaced with trojans... Surely starting
the trust during the install is the best you could ever hope for?
Comment 3 Rahul Sundaram 2005-06-20 15:54:33 EDT
*** Bug 142793 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.