171570 – Contradictory error message: "not signed with a GPG signature"

Bug 171570 - Contradictory error message: "not signed with a GPG signature"

Summary: Contradictory error message: "not signed with a GPG signature"

Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	up2date
Sub Component:
Version:	4
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bret McMillan
QA Contact:	Fanny Augustin
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-10-23 12:48 UTC by Graham Leggett
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	2006-11-05 16:25:30 UTC
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Graham Leggett 2005-10-23 12:48:00 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
While attempting to run up2date after having gone through an upgrade process from FC3 to FC4 via DVD, the following message is output by up2date:

Maelstrom-3.0.6-8.i386.rpm: ########################## Done.
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 1ac70ce6
The package Maelstrom-3.0.6-8 is not signed with a GPG signature.  Aborting...
Package Maelstrom-3.0.6-8 does not have a GPG signature.
 Aborting...

According to the error message the package is unsigned, however as shown by the warning line, the package IS signed, the key that signed the package is missing.

The text "is not signed with a GPG signature" and "does not have a GPG signature" needs to be removed and replaced with an accurate error message explaining that a signature is present, but signed with a key that is not (yet) recognised, and adding a note on where to find out the correct procedure for adding the key, which is apparently:

rpm --install ./RPM-GPG-KEY-fedora-extras



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
xxx

Additional info:

Comment 1 John Thacker 2006-10-29 20:24:41 UTC

up2date was replaced by pirut and put (package pirut) as of FC5.  Only FC5 and
FC6 are currently fully supported; FC3 and FC4 are supported for security fixes
only.  If this bug occurs in FC3 or FC4 and is a security bug, please change the
product to Fedora Extras and the version to match.  If you can verify that the
bug exists in RHEL as well, please change the product and version appropriately.

The codebase for pirut and pup is quite different, but if a similar bug exists
in pirut and pup in FC5 or FC6, please change the product to pirut and the
version appropriately and update the bug report.

We apologize that the bug was not fixed before now.  The status will be changed
to NEEDINFO, and if the bug is not updated with evidence that it is a security
bug or a bug that affects RHEL, it will be closed.

Comment 2 John Thacker 2006-11-05 16:25:30 UTC

Closing per previous message.

Note You need to log in before you can comment on or make changes to this bug.