This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 162547 - up2date installs redhat key instead of fedora key
up2date installs redhat key instead of fedora key
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: up2date (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bret McMillan
Fanny Augustin
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-06 02:08 EDT by P Fudd
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-11-05 11:31:10 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description P Fudd 2005-07-06 02:08:16 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050328 Fedora/1.7.6-1.2.5

Description of problem:
I just installed Fedora Core 4, and on the first system update, up2date says 'bad signature' for every rpm it downloads.

Checking the key required versus the keys available in the database, I find that the key that was installed by up2date was RPM-GPG-KEY
(pub  1024D/DB42A60E 1999-09-23 Red Hat, Inc <security@redhat.com>)

and should have been RPM-GPG-KEY-fedora
(pub  1024D/4F2A6FD2 2003-10-27 Fedora Project <fedora@redhat.com>)



Version-Release number of selected component (if applicable):
up2date-4.4.23-4

How reproducible:
Always

Steps to Reproduce:
1. Install fc4
2. Run up2date
3. 
  

Actual Results:  up2date refused to install anything, due to bad gpg signatures.

Expected Results:  up2date should have updated everything

Additional info:

Typing 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora' solved the problem.

I'd have rated this as a 'Low severity' bug, as I found an easy workaround, except that it's going to bite a lot of beginners, and we don't want that.
Comment 1 P Fudd 2005-07-12 02:29:43 EDT
Instead of saying 'bad signature', perhaps it could say 'unrecognized signature'?

Also, if this is reproducible, the code in
/usr/share/rhn/up2date_client/gpgUtils.py lines 93-103 isn't working quite right.
Comment 2 John Thacker 2006-10-29 15:29:57 EST
up2date was replaced by pirut and put (package pirut) as of FC5.  Only FC5 and
FC6 are currently fully supported; FC3 and FC4 are supported for security fixes
only.  If this bug occurs in FC3 or FC4 and is a security bug, please change the
product to Fedora Extras and the version to match.  If you can verify that the
bug exists in RHEL as well, please change the product and version appropriately.

The codebase for pirut and pup is quite different, but if a similar bug exists
in pirut and pup in FC5 or FC6, please change the product to pirut and the
version appropriately and update the bug report.

We apologize that the bug was not fixed before now.  The status will be changed
to NEEDINFO, and if the bug is not updated with evidence that it is a security
bug or a bug that affects RHEL, it will be closed.
Comment 3 John Thacker 2006-11-05 11:31:10 EST
Closing per previous message.

Note You need to log in before you can comment on or make changes to this bug.