From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Description of problem: up2date does not check the gpg signature. for example the following freshrpms.repo file: ---------------------------------------------- [freshrpms] name=freshrpms baseurl=http://ayo.freshrpms.net/fedora/linux/4/$basearch/freshrpms enabled=1 gpgcheck=1 gpgkey=http://freshrpms.net/RPM-GPG-KEY-freshrpms ---------------------------------------------- was put in /etc/yum.repos.d/ directory after that trying to install any packages would give a GPG signature error. Version-Release number of selected component (if applicable): up2date-4.4.23-4 How reproducible: Always Steps to Reproduce: 1. install freshrpms.repo file into /etc/yum.repos.d/ folder 2. type 'up2date amule' Actual Results: see the following error message: The package amule-2.0.1-1.2.fc4 is not signed with a GPG signature. Aborting...Package amule-2.0.1-1.2.fc4 does not have a GPG signature. Aborting... Expected Results: there should be no error message since gpgkey was provided in the freshrpms.repo file. Additional info:
There's an option to up2date that says "don't install unsigned rpms": try 'up2date --nosig amule'.
Also, perhaps the gpgkey needs to be loaded: rpm --import the.file-with_the=gpg.key
I thought that up2date is supposed to load it automatically.
I am having the same problem. This is on a fresh FC4 install. I did the rpm --inport.
this bug is not relevant anymore because Fedora Core 5 removed up2date