Description of Problem: up2date failes to install any updates because packages on the beta rhn server dont seem to be pgp signed. Version-Release number of selected component (if applicable): up2date-2.6.0-7.x.29 Steps to Reproduce: 1. run up2date 2. choose update to install 3. Actual Results: updates are not installed Expected Results: updates should be installed Additional Information:
Note that up2date actually lets you install packages without gpg signatures, but this results in errors.
workaround: change /etc/sysconfig/rhn/up2date to not use GPG up2date:useGPG[comment]=Use GPG to verify package integrity up2date:useGPG=0
This is not a bug. In the case that the user has the option set to check for GPG signature, then up2date is not supposed to install packages which are not GPG signed. If you want to get around this on the commandline, then add "--nosig" In the GUI, the user is prompted that the package is not signed and then given the opportunity to install the package anyway.
So, are the updates gpg signed? I used up2date from the original roswell cds to update the up2date and up2date-gnome packages. I installed them even though a gpg signature was not found. The new up2date however was broken and refused to start.
For which values of 'broken'? :-) Could you please provide us with more details? To answer your question, the beta packages are not GPG signed, that's why you have to either use --nosig on the command line, or to edit /etc/sysconfig/rhn/up2date
I tried to recreate what happened by reverting to the old up2date and installing the new one through it. This time it worked without the old "brokenness". Later I realized that a new version of roswell had been released. I would attribute the behaviour I saw to corrupted rpm packages caused by large numbers of people hitting the up2date server simultaneously. (I verified this, many of the packages downloaded by up2date dont seem pass the md5sum test with rpm -K.( But, why would up2date install those packages?!)). The situation would probably improve in a couple of days, again, this looks like a red-herring.
Closing this issue out again. Will reopen is we start to see issues again.
Hmm. The server delivering lots of corrupt rpms seems like a real problem to me though. However, the client is supposed to verirfying the package md5sums before it ever attempts to install them, so if this isnt the case thats another bug. But both of those should probable get a new bui id. If you've got more details about these cases, mind opening bug reports for them?
bharath, do you still experience corrupted RPM packages? If so, please file a different bugzilla cause this one is really about GPG sigs and not about md5sums.
Please see Bug 52329.