Bug 579223 - Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed
Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: krb5 (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-04-03 08:01 EDT by Thomas Meyer
Modified: 2010-05-05 14:25 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-05 14:25:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Thomas Meyer 2010-04-03 08:01:19 EDT
Description of problem:
Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed

Version-Release number of selected component (if applicable):
Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed

How reproducible:
always

Steps to Reproduce:
1. sudo yum upgrade
2.
3.
  
Actual results:
Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed

Expected results:


Additional info:
Comment 1 Sergei LITVINENKO 2010-04-03 12:33:52 EDT
Have the same

[root@fedora13a ~]# export LC_ALL=C; export LANG=C; yum update
...

Total size: 569 M
Is this ok [y/N]: y
Downloading Packages:

Package krb5-libs-1.7.1-7.fc13.i686.rpm is not signed
Comment 2 Nalin Dahyabhai 2010-04-05 09:12:25 EDT
When I use yumdownloader to fetch the packages and examine them with "rpm -Kv", they appear to be signed with key e8e40fde, which is the key bundled with the fedora-release package in the file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary.  Do you not have this file on your system?  Did yum not prompt to install this key?
Comment 3 Thomas Meyer 2010-04-08 12:55:34 EDT
(In reply to comment #2)
> When I use yumdownloader to fetch the packages and examine them with "rpm -Kv",
> they appear to be signed with key e8e40fde, which is the key bundled with the
> fedora-release package in the file
> /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary.  Do you not have this file on
> your system?

Yes.

$ ls -ld /etc/pki/rpm-gpg/RPM-GPG-KEY-*
-rw-r--r--. 1 root root 1726  1. Mär 2007  /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
lrwxrwxrwx. 1 root root   29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora -> RPM-GPG-KEY-fedora-13-primary
-rw-r--r--. 1 root root 1653 22. Mär 22:01 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary
lrwxrwxrwx. 1 root root   29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386 -> RPM-GPG-KEY-fedora-13-primary
lrwxrwxrwx. 1 root root   29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-ppc -> RPM-GPG-KEY-fedora-13-primary
lrwxrwxrwx. 1 root root   29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-ppc64 -> RPM-GPG-KEY-fedora-13-primary
lrwxrwxrwx. 1 root root   29 27. Mär 21:50 /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-x86_64 -> RPM-GPG-KEY-fedora-13-primary

>  Did yum not prompt to install this key?    

I did import the key mentioned on the homepage "https://fedoraproject.org/de/keys" that is:

pub   4096R/E8E40FDE 2010-01-19
      Key fingerprint = 8E5F 73FF 2A18 1765 4D35  8FCA 7EDC 6AD6 E8E4 0FDE
uid                  Fedora (13) <fedora@fedoraproject.org>


$ rpm -Kv /var/cache/yum/i386/13/fedora/packages/krb5-libs-1.7.1-7.fc13.i686.rpm
/var/cache/yum/i386/13/fedora/packages/krb5-libs-1.7.1-7.fc13.i686.rpm:
    Header SHA1 digest: OK (d311c71114bd14a610f39ca27abc6a7e8762eab3)
    MD5 digest: OK (0df52b09950da62c122e62cf08d8a487)

$ gpg /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-13-primary 
pub  4096R/E8E40FDE 2010-01-19 Fedora (13) <fedora@fedoraproject.org>
Comment 4 Thomas Meyer 2010-04-08 13:07:39 EDT
while running "sudo yum upgrade" I get this message:

Presto reduced the update size by 60% (from 49 M to 20 M).
Package(s) data still to download: 34 M
(1/27): ModemManager-0.3-7.git20100405.fc13.i686.rpm                                               | 161 kB     00:00     
(2/27): gnome-icon-theme-extras-2.30.0-1.fc13.noarch.rpm                                           | 360 kB     00:09     
(3/27): gnome-packagekit-2.30.0-2.fc13.i686.rpm                                                    | 2.8 MB     00:41     
(4/27): gnome-themes-2.30.0-3.fc13.noarch.rpm                                                      | 2.5 MB     00:57     
(5/27): google-chrome-beta-5.0.342.9-43360.i386.rpm                                                |  16 MB     00:23     
(6/27): krb5-libs-1.7.1-7.fc13.i686.rpm                                                            | 655 kB     00:00     
http://fedora.tu-chemnitz.de/pub/linux/fedora/linux/development/13/i386/os/Packages/krb5-libs-1.7.1-7.fc13.i686.rpm: (-1, u'Package does not match intended download. Suggestion: run yum clean metadata')
Trying other mirror.
Comment 5 Thomas Meyer 2010-05-05 14:25:51 EDT
So how could this happen at all. Upgrade did work now. Maybe some mirror system was hacked?

Note You need to log in before you can comment on or make changes to this bug.