Bug 142370 - yum refuses to update packages, saying 'unsigned package blah'
yum refuses to update packages, saying 'unsigned package blah'
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: yum (Show other bugs)
rawhide
noarch Linux
medium Severity medium
: ---
: ---
Assigned To: Jeremy Katz
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-09 05:27 EST by Avi Kivity
Modified: 2014-01-21 17:50 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-01-04 11:08:03 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Avi Kivity 2004-12-09 05:27:23 EST
Description of problem: 
 
'yum update package' downloads package, but won't install, saying: 
 
  unsigned 
package //var/cache/yum/development/packages/gaim-1.1.0-1.i386.rpm 
 
rpm -K says the signature is valid. I take this to mean the signature 
exists. 
 
Version-Release number of selected component (if applicable): 
yum-2.1.12-1 
 
How reproducible: 
always 
 
Steps to Reproduce: 
1. yum update gaim (or any updated package in fc-devel) 
   
Actual results: 
gaim-1.1.0-1.i386.rpm     100% |=========================| 3.4 MB    
01:56 
unsigned 
package //var/cache/yum/development/packages/gaim-1.1.0-1.i386.rpm 
 
 
Expected results: 
successful upgrade 
 
Additional info: 
[root@firebolt rpmUtils]# rpm -qa gpg-pubkey\* 
gpg-pubkey-1cddbca9-3f9da14c 
gpg-pubkey-30c9ecf8-3f9da3f7 
gpg-pubkey-4f2a6fd2-3f9d9d3b 
gpg-pubkey-e42d547b-3960bdf1 
gpg-pubkey-db42a60e-37ea5438 
 
I traced this as far as getSigInfo in rpmUtils/miscutils.py: 
 
def getSigInfo(hdr): 
    """checks signature from an hdr hand back signature information 
and/or 
       an error code""" 
 
    locale.setlocale(locale.LC_ALL, 'C') 
    string = '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?
{%{RSAHEADER:pgpsig}}:{%|SIGGPG?{%{SIGGPG:pgpsig 
}}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|' 
    siginfo = hdr.sprintf(string) 
    if siginfo != '(none)': 
        error = 0 
        sigtype, sigdate, sigid = siginfo.split(',') 
    else: 
        error = 101 
        sigtype = 'MD5' 
        sigdate = 'None' 
        sigid = 'None' 
 
but stopped there for obvious reasons.
Comment 1 Seth Vidal 2005-01-04 11:08:03 EST
you've got gpgcheck=1 set to on and you're trying to install unsigned
packages.

these two are incompatible.

run rpm -K -v on the package.

I bet no gpg/DSA key will be listed.


Note You need to log in before you can comment on or make changes to this bug.