Description of problem: 'yum update package' downloads package, but won't install, saying: unsigned package //var/cache/yum/development/packages/gaim-1.1.0-1.i386.rpm rpm -K says the signature is valid. I take this to mean the signature exists. Version-Release number of selected component (if applicable): yum-2.1.12-1 How reproducible: always Steps to Reproduce: 1. yum update gaim (or any updated package in fc-devel) Actual results: gaim-1.1.0-1.i386.rpm 100% |=========================| 3.4 MB 01:56 unsigned package //var/cache/yum/development/packages/gaim-1.1.0-1.i386.rpm Expected results: successful upgrade Additional info: [root@firebolt rpmUtils]# rpm -qa gpg-pubkey\* gpg-pubkey-1cddbca9-3f9da14c gpg-pubkey-30c9ecf8-3f9da3f7 gpg-pubkey-4f2a6fd2-3f9d9d3b gpg-pubkey-e42d547b-3960bdf1 gpg-pubkey-db42a60e-37ea5438 I traced this as far as getSigInfo in rpmUtils/miscutils.py: def getSigInfo(hdr): """checks signature from an hdr hand back signature information and/or an error code""" locale.setlocale(locale.LC_ALL, 'C') string = '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER? {%{RSAHEADER:pgpsig}}:{%|SIGGPG?{%{SIGGPG:pgpsig }}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|' siginfo = hdr.sprintf(string) if siginfo != '(none)': error = 0 sigtype, sigdate, sigid = siginfo.split(',') else: error = 101 sigtype = 'MD5' sigdate = 'None' sigid = 'None' but stopped there for obvious reasons.
you've got gpgcheck=1 set to on and you're trying to install unsigned packages. these two are incompatible. run rpm -K -v on the package. I bet no gpg/DSA key will be listed.