This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 481081 - KPackageKit chokes on unsigned (or signed with an unknown key) RPMs
KPackageKit chokes on unsigned (or signed with an unknown key) RPMs
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: kpackagekit (Show other bugs)
10
i686 Linux
low Severity high
: ---
: ---
Assigned To: Steven M. Parrish
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-01-21 21:19 EST by Daisy Jane
Modified: 2009-04-28 03:07 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-04-27 14:56:58 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Daisy Jane 2009-01-21 21:19:45 EST
This problem occurred in Fedora 10 with the KDE Desktop in the latest release ordered from Linuxcentral.com.

I installed Fedora 10 with the KDE desktop, and immediately experienced problems with the package downloader program crashing (Kdownload?? something like that).  Every time I tried to use it, it crashed.  I was able to *check* for package updates successfully, but when I tried to download them, the download program crashed, while telling me "there is an error because this package is not signed".  I got this same crash and error while trying to download not only updates, but Opera, and other third party Linux accessories, basically I could not download anything without getting this crash/error, and the problem happened from the very beginning.  I since took that machine offline because I could not get it secure with the updates.  Also, I checked my settings for both the OS and Konqueror and did not find anything that would prevent unsigned elements from downloading or installing.


How reproducible: should be able to reproduce


Steps to Reproduce:
1.install Fedora 10 with KDE desktop
2. check for updates, try to download updates OR

3.try to download Opera
  
Actual results: Kdownload(?) program crash, window with red x, telling me "this package could not be downloaded because it is not signed"


Expected results: crash/error


Additional info: checked OS and Konqueror settings and could not find anything that would prevent unsigned elements from downloading or installing
Comment 1 Rex Dieter 2009-01-22 13:19:16 EST
I'll guess kpackagekit here.

I'm pretty sure PackageKit default policy is indeed to disallow unsigned packages.  Not sure how/why official updates are being labeled as such.
Comment 2 Kevin Kofler 2009-02-01 10:19:25 EST
I can confirm this: KPackageKit chokes on RPMs which are unsigned or signed with an unknown key.

What is supposed to happen (and what happens with gnome-packagekit) is that it warns about the unauthenticated package and prompts for the root password, then installs the package. What KPackageKit does is that it brings up one of those "Erro KPackageKit" windows.
Comment 3 Steven M. Parrish 2009-02-04 12:23:02 EST
Thank you for the bug report.  This issue needs to be addressed by the upstream developers.  Please submit a report at http://bugs.kde.org. You are requested to add the bugzilla link here for tracking purposes. Please make sure the bug isn't already in the upstream bug tracker before filing it.
Comment 4 Thorsten Leemhuis 2009-02-23 13:56:13 EST
(In reply to comment #3)
> Thank you for the bug report.  This issue needs to be addressed by the upstream
> developers.  Please submit a report at http://bugs.kde.org. You are requested
> to add the bugzilla link here for tracking purposes. Please make sure the bug
> isn't already in the upstream bug tracker before filing it.

ping -- did that happen? RPM Fusion has a interest to get this fixed, as this bug right now it complicated the "how to enable RPM Fusion" documentation :-((
Comment 5 Kevin Kofler 2009-02-23 17:54:19 EST
Upstream changelogs claim it's fixed in 0.4.0, I didn't have a chance to test that yet. (Note that AFAIK KPackageKit 0.4.0 needs PackageKit 0.4, so it's only in Rawhide at the moment.)
Comment 6 Steven M. Parrish 2009-02-23 18:03:20 EST
Ok I just finished testing this with 0.4.0 in Rawhide and it is indeed fixed.  However as Kevin said it currently is only in Rawhide as it does require Packagekit >= 0.4.  While this will more than likely make it into F10 I would doubt you will see it in F9.  I'm waiting on word from RHughes as to when/if he plans on upgrading F10 to the 0.4 release.
Comment 7 Steven M. Parrish 2009-04-27 14:56:58 EDT
Currently no plans to upgrade Packagekit on F10 so this is going to continue to be an issue.  This is fixed in F11+.
Comment 8 Kevin Kofler 2009-04-28 03:07:53 EDT
I think we should really work on getting the PackageKit 0.4 stack into F10, it's a huge improvement for KPackageKit.

Note You need to log in before you can comment on or make changes to this bug.