Bug 52192 - up2date fails because packages are not pgp signed
up2date fails because packages are not pgp signed
Status: CLOSED NOTABUG
Product: Red Hat Public Beta
Classification: Retired
Component: up2date (Show other bugs)
roswell
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Adrian Likins
Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-08-21 12:19 EDT by Need Real Name
Modified: 2015-01-07 18:50 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-08-22 00:27:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2001-08-21 12:19:15 EDT
Description of Problem:

up2date failes to install any updates because packages on the beta rhn
server dont seem to be pgp signed.

Version-Release number of selected component (if applicable):

up2date-2.6.0-7.x.29

Steps to Reproduce:
1. run up2date
2. choose update to install
3. 

Actual Results:
updates are not installed

Expected Results:
updates should be installed

Additional Information:
Comment 1 Need Real Name 2001-08-21 12:24:24 EDT
Note that up2date actually lets you install packages without gpg signatures, but
this results in errors.
Comment 2 Christopher McCrory 2001-08-21 13:36:38 EDT
workaround:
change /etc/sysconfig/rhn/up2date 
to not use GPG

up2date:useGPG[comment]=Use GPG to verify package integrity
up2date:useGPG=0

Comment 3 Jay Turner 2001-08-21 15:15:52 EDT
This is not a bug.  In the case that the user has the option set to check for
GPG signature, then up2date is not supposed to install packages which are not
GPG signed.  If you want to get around this on the commandline, then add
"--nosig"  In the GUI, the user is prompted that the package is not signed and
then given the opportunity to install the package anyway.
Comment 4 Need Real Name 2001-08-21 15:51:52 EDT
So, are the updates gpg signed?

I used up2date from the original roswell cds to update the up2date and
up2date-gnome packages. I installed them even though a gpg signature was not
found. The new up2date however was broken and refused to start.
Comment 5 Mihai Ibanescu 2001-08-21 16:11:19 EDT
For which values of 'broken'? :-)
Could you please provide us with more details?
To answer your question, the beta packages are not GPG signed, that's why you
have to either use --nosig on the command line, or to edit
/etc/sysconfig/rhn/up2date
Comment 6 Need Real Name 2001-08-22 00:27:20 EDT
I tried to recreate what happened by reverting to the old up2date and installing
the new one through it. This time it worked without the old "brokenness".
Later I realized that a new version of roswell had been released. I would
attribute the behaviour I saw to corrupted rpm packages caused by large numbers
of people hitting the up2date server simultaneously. (I verified this, many of
the packages downloaded by up2date dont seem pass the md5sum test with rpm -K.(
But, why would up2date install those packages?!)). The situation would probably
improve in a couple of days, again, this looks like a red-herring.
Comment 7 Jay Turner 2001-08-22 09:32:42 EDT
Closing this issue out again.  Will reopen is we start to see issues again.
Comment 8 Adrian Likins 2001-08-22 15:31:44 EDT
Hmm. The server delivering lots of corrupt rpms seems like a real problem
to me though. 

However, the client is supposed to verirfying the package md5sums before
it ever attempts to install them, so if this isnt the case thats another
bug. But both of those should probable get a new bui id. If you've got
more details about these cases, mind opening bug reports for them?
Comment 9 Mihai Ibanescu 2001-08-22 15:52:10 EDT
bharath, do you still experience corrupted RPM packages? If so, please file a
different bugzilla cause this one is really about GPG sigs and not about md5sums.
Comment 10 Need Real Name 2001-08-22 16:34:59 EDT
Please see Bug 52329.

Note You need to log in before you can comment on or make changes to this bug.