I want to install kernel 4.13 on a Fedora 26 dev instance. fedora-repos-rawhide 26-1 is installed. Running "sudo dnf update kernel --enablerepo=rawhide" I get: Is this ok [y/N]: y Downloading Packages: (1/3): kernel-4.13.0-1.fc28.x86_64.rpm 200 kB/s | 71 kB 00:00 (2/3): kernel-core-4.13.0-1.fc28.x86_64.rpm 2.7 MB/s | 21 MB 00:07 (3/3): kernel-modules-4.13.0-1.fc28.x86_64.rpm 2.4 MB/s | 24 MB 00:09 ---------------------------------------------------------------------------------------------------------------- Total 4.4 MB/s | 45 MB 00:10 warning: /var/cache/dnf/rawhide-2d95c80a1fa0a67d/packages/kernel-core-4.13.0-1.fc28.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 9db62fb1: NOKEY Importing GPG key 0x64DAB85D: Userid : "Fedora 26 Primary (26) <fedora-26-primary>" Fingerprint: E641 850B 77DF 4353 78D1 D7E2 812A 6B4B 64DA B85D From : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64 Is this ok [y/N]: y Key imported successfully Import of key(s) didn't help, wrong key(s)? Import of key(s) didn't help, wrong key(s)? Import of key(s) didn't help, wrong key(s)? Public key for kernel-core-4.13.0-1.fc28.x86_64.rpm is not installedFailing package is: kernel-core-4.13.0-1.fc28.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64 Public key for kernel-4.13.0-1.fc28.x86_64.rpm is not installedFailing package is: kernel-4.13.0-1.fc28.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64 Public key for kernel-modules-4.13.0-1.fc28.x86_64.rpm is not installedFailing package is: kernel-modules-4.13.0-1.fc28.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64 The downloaded packages were saved in cache until the next successful transaction. You can remove cached packages by executing 'dnf clean packages'. Error: GPG check FAILED
workaround is to use --nogpg.
1) this is not a bug for distribution-gpg-keys. This package just ships various gpg keys and does not handle any interaction with dnf or koji. 2) This error happened because you are on F26 and you are installing package from rawhide, which is signed using F28 key. 3) the file /etc/yum.repos.d/fedora-rawhide.repo contains: gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch and when you run: sudo dnf update kernel --enablerepo=rawhide your releasever is still 26, so dnf this repo is configured to use the wrong key. So you should either use sudo dnf update kernel --enablerepo=rawhide --releasever=28 4) This does not happen in past because rawhide was not signed. It is signed now. I think that the $releasver with gpgkey in fedora-rawhide.repo should be expanded. I.e.; gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-28-$basearch But that has some negative side too (higher chance that .rpmnew file is created) So I will leave it up to the Denis whether he will close it as NOTABUG or change the repo file.
This message is a reminder that Fedora 26 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '26'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 26 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 26 changed to end-of-life (EOL) status on 2018-05-29. Fedora 26 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
I think the same bug is still here. Rawhide branched and I am no longer able to upgrade my rawhide container. There should be a way to keep rawhide instance always up-to-date. I do not know how to do that now. It does not help to use --releasever=31 # dnf list fedora-gpg-keys Last metadata expiration check: 0:00:14 ago on Tue Aug 20 14:48:47 2019. Installed Packages fedora-gpg-keys.noarch 31-0.2 @rawhide Available Packages fedora-gpg-keys.noarch 32-0.2 rawhide # dnf repolist Last metadata expiration check: 0:18:04 ago on Tue Aug 20 14:48:47 2019. repo id repo name status *rawhide Fedora - Rawhide - Developmental packages for the next Fedora release 59328 *rawhide-modular Fedora - Modular Rawhide - Developmental packages for the next Fedora release 0 # dnf upgrade --enablerepo=updates -y fedora-gpg-keys Last metadata expiration check: 0:19:01 ago on Tue Aug 20 14:48:47 2019. Dependencies resolved. ================================================================================================================================ Package Architecture Version Repository Size ================================================================================================================================ Upgrading: fedora-gpg-keys noarch 32-0.2 rawhide 100 k fedora-release noarch 32-0.1 rawhide 11 k fedora-release-common noarch 32-0.1 rawhide 19 k fedora-repos noarch 32-0.2 rawhide 9.5 k fedora-repos-rawhide noarch 32-0.2 rawhide 8.6 k Transaction Summary ================================================================================================================================ Upgrade 5 Packages Total size: 149 k Downloading Packages: [SKIPPED] fedora-gpg-keys-32-0.2.noarch.rpm: Already downloaded [SKIPPED] fedora-release-32-0.1.noarch.rpm: Already downloaded [SKIPPED] fedora-release-common-32-0.1.noarch.rpm: Already downloaded [SKIPPED] fedora-repos-32-0.2.noarch.rpm: Already downloaded [SKIPPED] fedora-repos-rawhide-32-0.2.noarch.rpm: Already downloaded warning: /var/cache/dnf/rawhide-2d95c80a1fa0a67d/packages/fedora-gpg-keys-32-0.2.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 12c944d0: NOKEY Fedora - Rawhide - Developmental packages for the next Fedora release 1.6 MB/s | 1.6 kB 00:00 GPG key at file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 (0x3C3359C4) is already installed The GPG keys listed for the "Fedora - Rawhide - Developmental packages for the next Fedora release" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.. Failing package is: fedora-gpg-keys-32-0.2.noarch GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 Public key for fedora-release-32-0.1.noarch.rpm is not installed. Failing package is: fedora-release-32-0.1.noarch GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 Public key for fedora-release-common-32-0.1.noarch.rpm is not installed. Failing package is: fedora-release-common-32-0.1.noarch GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 Public key for fedora-repos-32-0.2.noarch.rpm is not installed. Failing package is: fedora-repos-32-0.2.noarch GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 Public key for fedora-repos-rawhide-32-0.2.noarch.rpm is not installed. Failing package is: fedora-repos-rawhide-32-0.2.noarch GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-x86_64 The downloaded packages were saved in cache until the next successful transaction. You can remove cached packages by executing 'dnf clean packages'. Error: GPG check FAILED
Current issue can be fixed by commands: # dnf upgrade https://kojipkgs.fedoraproject.org//packages/fedora-repos/31/0.5/noarch/fedora-{gpg-keys,repos,repos-rawhide}-31-0.5.noarch.rpm # dnf --releasever 32 upgrade I could not find signed 31-0.5 packages in any update, so secure upgrade is broken by these steps. rpm -qpi fedora-gpg-keys*.rpm reveals no key.
(In reply to Petr Menšík from comment #6) > Current issue can be fixed by commands: > > # dnf upgrade > https://kojipkgs.fedoraproject.org//packages/fedora-repos/31/0.5/noarch/ > fedora-{gpg-keys,repos,repos-rawhide}-31-0.5.noarch.rpm > # dnf --releasever 32 upgrade > > I could not find signed 31-0.5 packages in any update, so secure upgrade is > broken by these steps. > > rpm -qpi fedora-gpg-keys*.rpm reveals no key. That is because we do not have a completely fedora 31 compose yet. It doesn't exist. we are working on it. If we had that everything would have worked, but we don't. Perhaps next branching we should look at disabling rawhide composes until branched works/pushes out, but thats a big hammer.
I have issue with installing new kernel from rawhide in Fedora 32 (after upgrade from 30 and 31 not sure if it's important). I'm installing with: $ LC_ALL=C sudo dnf update kernel --enablerepo=rawhide --releasever=32 ... Downloading Packages: [SKIPPED] kernel-5.7.0-1.fc33.x86_64.rpm: Already downloaded [SKIPPED] kernel-core-5.7.0-1.fc33.x86_64.rpm: Already downloaded [SKIPPED] kernel-modules-5.7.0-1.fc33.x86_64.rpm: Already downloaded warning: /var/cache/dnf/rawhide-2d95c80a1fa0a67d/packages/kernel-5.7.0-1.fc33.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 9570ff31: NOKEY Fedora - Rawhide - Developmental packages for the next Fedora 1.6 MB/s | 1.6 kB 00:00 GPG key at file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-32-x86_64 (0x12C944D0) is already installed The GPG keys listed for the "Fedora - Rawhide - Developmental packages for the next Fedora release" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.. Failing package is: kernel-5.7.0-1.fc33.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-32-x86_64 Public key for kernel-core-5.7.0-1.fc33.x86_64.rpm is not installed. Failing package is: kernel-core-5.7.0-1.fc33.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-32-x86_64 Public key for kernel-modules-5.7.0-1.fc33.x86_64.rpm is not installed. Failing package is: kernel-modules-5.7.0-1.fc33.x86_64 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-32-x86_64 The downloaded packages were saved in cache until the next successful transaction. You can remove cached packages by executing 'dnf clean packages'. Error: GPG check FAILED