Description of problem: Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed Version-Release number of selected component (if applicable): Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed How reproducible: always Steps to Reproduce: 1. sudo yum upgrade 2. 3. Actual results: Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed Expected results: Additional info:
Have the same [root@fedora13a ~]# export LC_ALL=C; export LANG=C; yum update ... Total size: 569 M Is this ok [y/N]: y Downloading Packages: Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed
When I use yumdownloader to fetch the packages and examine them with "rpm -Kv", they appear to be signed with key e8e40fde, which is the key bundled with the fedora-release package in the file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary. Do you not have this file on your system? Did yum not prompt to install this key?
(In reply to comment #2) > When I use yumdownloader to fetch the packages and examine them with "rpm -Kv", > they appear to be signed with key e8e40fde, which is the key bundled with the > fedora-release package in the file > /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary. Do you not have this file on > your system? Yes. $ ls -ld /etc/pki/rpm-gpg/RPM-GPG-KEY-* -rw-r--r--. 1 root root 1726 1. Mär 2007 /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux lrwxrwxrwx. 1 root root 29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora -> RPM-GPG-KEY-fedora-13-primary -rw-r--r--. 1 root root 1653 22. Mär 22:01 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary lrwxrwxrwx. 1 root root 29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386 -> RPM-GPG-KEY-fedora-13-primary lrwxrwxrwx. 1 root root 29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-ppc -> RPM-GPG-KEY-fedora-13-primary lrwxrwxrwx. 1 root root 29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-ppc64 -> RPM-GPG-KEY-fedora-13-primary lrwxrwxrwx. 1 root root 29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-x86_64 -> RPM-GPG-KEY-fedora-13-primary > Did yum not prompt to install this key? I did import the key mentioned on the homepage "https://fedoraproject.org/de/keys" that is: pub 4096R/E8E40FDE 2010-01-19 Key fingerprint = 8E5F 73FF 2A18 1765 4D35 8FCA 7EDC 6AD6 E8E4 0FDE uid Fedora (13) <fedora> $ rpm -Kv /var/cache/yum/i386/13/fedora/packages/krb5-libs-1.7.1-7.fc13.i686.rpm /var/cache/yum/i386/13/fedora/packages/krb5-libs-1.7.1-7.fc13.i686.rpm: Header SHA1 digest: OK (d311c71114bd14a610f39ca27abc6a7e8762eab3) MD5 digest: OK (0df52b09950da62c122e62cf08d8a487) $ gpg /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary pub 4096R/E8E40FDE 2010-01-19 Fedora (13) <fedora>
while running "sudo yum upgrade" I get this message: Presto reduced the update size by 60% (from 49 M to 20 M). Package(s) data still to download: 34 M (1/27): ModemManager-0.3-7.git20100405.fc13.i686.rpm | 161 kB 00:00 (2/27): gnome-icon-theme-extras-2.30.0-1.fc13.noarch.rpm | 360 kB 00:09 (3/27): gnome-packagekit-2.30.0-2.fc13.i686.rpm | 2.8 MB 00:41 (4/27): gnome-themes-2.30.0-3.fc13.noarch.rpm | 2.5 MB 00:57 (5/27): google-chrome-beta-5.0.342.9-43360.i386.rpm | 16 MB 00:23 (6/27): krb5-libs-1.7.1-7.fc13.i686.rpm | 655 kB 00:00 http://fedora.tu-chemnitz.de/pub/linux/fedora/linux/development/13/i386/os/Packages/krb5-libs-1.7.1-7.fc13.i686.rpm: (-1, u'Package does not match intended download. Suggestion: run yum clean metadata') Trying other mirror.
So how could this happen at all. Upgrade did work now. Maybe some mirror system was hacked?