Red Hat Bugzilla – Bug 481081
KPackageKit chokes on unsigned (or signed with an unknown key) RPMs
Last modified: 2009-04-28 03:07:53 EDT
This problem occurred in Fedora 10 with the KDE Desktop in the latest release ordered from Linuxcentral.com.
I installed Fedora 10 with the KDE desktop, and immediately experienced problems with the package downloader program crashing (Kdownload?? something like that). Every time I tried to use it, it crashed. I was able to *check* for package updates successfully, but when I tried to download them, the download program crashed, while telling me "there is an error because this package is not signed". I got this same crash and error while trying to download not only updates, but Opera, and other third party Linux accessories, basically I could not download anything without getting this crash/error, and the problem happened from the very beginning. I since took that machine offline because I could not get it secure with the updates. Also, I checked my settings for both the OS and Konqueror and did not find anything that would prevent unsigned elements from downloading or installing.
How reproducible: should be able to reproduce
Steps to Reproduce:
1.install Fedora 10 with KDE desktop
2. check for updates, try to download updates OR
3.try to download Opera
Actual results: Kdownload(?) program crash, window with red x, telling me "this package could not be downloaded because it is not signed"
Expected results: crash/error
Additional info: checked OS and Konqueror settings and could not find anything that would prevent unsigned elements from downloading or installing
I'll guess kpackagekit here.
I'm pretty sure PackageKit default policy is indeed to disallow unsigned packages. Not sure how/why official updates are being labeled as such.
I can confirm this: KPackageKit chokes on RPMs which are unsigned or signed with an unknown key.
What is supposed to happen (and what happens with gnome-packagekit) is that it warns about the unauthenticated package and prompts for the root password, then installs the package. What KPackageKit does is that it brings up one of those "Erro KPackageKit" windows.
Thank you for the bug report. This issue needs to be addressed by the upstream developers. Please submit a report at http://bugs.kde.org. You are requested to add the bugzilla link here for tracking purposes. Please make sure the bug isn't already in the upstream bug tracker before filing it.
(In reply to comment #3)
> Thank you for the bug report. This issue needs to be addressed by the upstream
> developers. Please submit a report at http://bugs.kde.org. You are requested
> to add the bugzilla link here for tracking purposes. Please make sure the bug
> isn't already in the upstream bug tracker before filing it.
ping -- did that happen? RPM Fusion has a interest to get this fixed, as this bug right now it complicated the "how to enable RPM Fusion" documentation :-((
Upstream changelogs claim it's fixed in 0.4.0, I didn't have a chance to test that yet. (Note that AFAIK KPackageKit 0.4.0 needs PackageKit 0.4, so it's only in Rawhide at the moment.)
Ok I just finished testing this with 0.4.0 in Rawhide and it is indeed fixed. However as Kevin said it currently is only in Rawhide as it does require Packagekit >= 0.4. While this will more than likely make it into F10 I would doubt you will see it in F9. I'm waiting on word from RHughes as to when/if he plans on upgrading F10 to the 0.4 release.
Currently no plans to upgrade Packagekit on F10 so this is going to continue to be an issue. This is fixed in F11+.
I think we should really work on getting the PackageKit 0.4 stack into F10, it's a huge improvement for KPackageKit.