Bug 489524 - Cannot install latest update: RPM claims package is missing GPG key
Cannot install latest update: RPM claims package is missing GPG key
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
10
All Linux
low Severity urgent
: ---
: ---
Assigned To: Dan Williams
Fedora Extras Quality Assurance
:
: 489533 489559 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-10 11:38 EDT by Ben Webb
Modified: 2009-03-14 20:44 EDT (History)
14 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-03-14 20:44:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ben Webb 2009-03-10 11:38:23 EDT
Description of problem:
The latest NetworkManager update cannot be installed - there is something wrong with the signature.

Version-Release number of selected component (if applicable):
NetworkManager-glib-0.7.0.99-3.fc10.x86_64.rpm

How reproducible:
Always

Steps to Reproduce:
1. "yum update NetworkManager"
  
Actual results:
yum/rpm reports:

Downloading Packages:
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 4ebfc273
updates-released/gpgkey                                  | 2.3 kB     00:00     


Public key for NetworkManager-glib-0.7.0.99-3.fc10.x86_64.rpm is not installed

Expected results:
Package is installed.

Additional info:
For comparison, I also downloaded another recent update:
$ ls *.rpm
NetworkManager-glib-0.7.0.99-3.fc10.x86_64.rpm
zeroinstall-injector-0.38-2.fc10.noarch.rpm

$ rpm -K *.rpm
NetworkManager-glib-0.7.0.99-3.fc10.x86_64.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS:GPG#4ebfc273) 
zeroinstall-injector-0.38-2.fc10.noarch.rpm: (sha1) dsa sha1 md5 gpg OK

$ rpm -q gpg-pubkey-4ebfc273
gpg-pubkey-4ebfc273-48b5dbf3

$ rpm -qpi *.rpm|grep Sig
warning: NetworkManager-glib-0.7.0.99-3.fc10.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 4ebfc273
Signature   : DSA/8, Mon 09 Mar 2009 09:08:09 PM PDT, Key ID bf226fcc4ebfc273
Signature   : DSA/SHA1, Mon 09 Mar 2009 11:43:40 AM PDT, Key ID bf226fcc4ebfc273

As you can see, both packages are signed with the same key which is installed on my system. But maybe RPM cannot understand the 'DSA/8' signature on the NetworkManager package?

Apologies if this bug is in the wrong component - feel free to reassign it - it is not clear to me where in the system this problem is being introduced.
Comment 1 Robert Hoekstra 2009-03-10 12:39:46 EDT
I have the same issue . . .
Comment 2 shrek-m 2009-03-10 13:48:55 EDT
all other yum updates are ok.

# yum update Net\*
[...]
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 4ebfc273


# rpm -qa gpg\*
gpg-pubkey-1ac70ce6-41bebeef
gpg-pubkey-b1981b68-4878de85
gpg-pubkey-4ebfc273-48b5dbf3
gpg-pubkey-f6777c67-45e5b1b9
gpg-pubkey-6df2196f-48b5d596
gpg-pubkey-a109b1ec-3f6e28d5
gpg-pubkey-49c8885a-4878ddfb
gpg-pubkey-30c9ecf8-3f9da3f7
gpgme-1.1.7-1.fc10.x86_64
gpg-pubkey-4f2a6fd2-3f9d9d3b
Comment 3 William Makowski 2009-03-10 14:56:26 EDT
Same issue in NetworkManager-glib-0.7.0.99-3.fc10.i386.rpm
Comment 4 Thomas R. 2009-03-10 16:05:57 EDT
I can confirm this, 

these bugs seem to be duplicates:
https://bugzilla.redhat.com/show_bug.cgi?id=489559
https://bugzilla.redhat.com/show_bug.cgi?id=489533
Comment 5 Thomas Pifer 2009-03-10 18:06:43 EDT
I'm seeing this problem as well on my i386 machine.
Comment 7 Tim Jackson 2009-03-10 19:15:20 EDT
*** Bug 489533 has been marked as a duplicate of this bug. ***
Comment 8 Tim Jackson 2009-03-10 19:17:20 EDT
*** Bug 489559 has been marked as a duplicate of this bug. ***
Comment 9 udo 2009-03-10 23:54:46 EDT
So same package different signing?
Or different version numbers?
Comment 10 Basil Mohamed Gohar 2009-03-11 01:58:20 EDT
According to the linked announcement above, the package was validly signed, but using the stronger hash planned for F11.  F9 & F10 cannot validate with this new hashing technique, though, so it appears to be an error.

A resigned package has already been pushed-out to the mirrors, so this issue should resolve itself with time.  If you are impatient, maybe you can either install all updates except for NetworkManager, or ONLY for NetworkManager, install with the --nogpgcheck option.

I recommend just waiting, though, to avoid circumventing good security practices.
Comment 11 shrek-m 2009-03-11 14:58:13 EDT
thanks, it is ok now.

# yum update

Abhängigkeit installiert:
  libudev0.x86_64 0:127-3.fc10                                                  

Aktualisiert:
  NetworkManager.x86_64 1:0.7.0.99-3.fc10                                       
  NetworkManager-glib.x86_64 1:0.7.0.99-3.fc10                                  
  NetworkManager-gnome.x86_64 1:0.7.0.99-3.fc10                                 

Komplett!

Note You need to log in before you can comment on or make changes to this bug.