When trying to do so, the package install failed. There aren't any flags to `package install` to indicate to ignore the signing. Here is a snippet from the logs: 2011-01-14 11:17:38,879 [INFO][asynctaskreplyqueue] run() @ consumer.py:65 - ready 2011-01-14 11:17:42,014 [INFO][asynctaskreplyqueue] received() @ consumer.py:159 - {asynctaskreplyqueue} received: { "origin": "f746e86a-dfc6-4787-aab5-55f39af08d93", "version": "0.2", "result": { "exval": "Traceback (most recent call last):\n\n File \"/usr/lib/python2.7/site-packages/gofer/messaging/dispatcher.py\", line 252, in __call__\n retval = method(*args, **keywords)\n\n File \"/usr/lib/gofer/plugins/pulp.py\", line 157, in install\n yb.processTransaction()\n\n File \"/usr/lib/python2.7/site-packages/yum/__init__.py\", line 4498, in processTransaction\n self._checkSignatures(pkgs,callback)\n\n File \"/usr/lib/python2.7/site-packages/yum/__init__.py\", line 4543, in _checkSignatures\n raise Errors.YumGPGCheckError, errmsg\n\nYumGPGCheckError: Package emoticons-0.1-2.x86_64.rpm is not signed\n", "xargs": [], "xstate": { "value": "Package emoticons-0.1-2.x86_64.rpm is not signed" }, "xclass": "YumGPGCheckError", "xmodule": "yum.Errors" }, "any": "ce2bd1de-1ff9-11e0-9fb5-5254003d10ee", "sn": "7bcb2b93-3b51-4548-ad12-11343fe67f3d" } 2011-01-14 11:17:42,014 [INFO][asynctaskreplyqueue] failed() @ async.py:229 - Task RMI (failed) Failed sn : 7bcb2b93-3b51-4548-ad12-11343fe67f3d origin : f746e86a-dfc6-4787-aab5-55f39af08d93 user data : ce2bd1de-1ff9-11e0-9fb5-5254003d10ee exception: Package emoticons-0.1-2.x86_64.rpm is not signed 2011-01-14 11:17:42,015 [ERROR][asynctaskreplyqueue] failed() @ task.py:207 - Task id:ce2bd1de-1ff9-11e0-9fb5-5254003d10ee, method_name:install: (YumGPGCheckError(),) 2011-01-14 11:17:42,017 [INFO][asynctaskreplyqueue] run() @ consumer.py:65 - ready
Updated the repolib to explicitly set the gpgcheck=(0|1) based on whether any gpg keys are specified. In the case of sync'd fedora/rhel repos, this kind of sucks because in order to have the client (yum) do gpg checking, the user will have to upload the fedora/rhel gpg keys which are already on the (client) box. We need to revisit this!
Fixed in 0.132.
[root@pulp-qe ~]# rpm --checksig /tmp/unsigned-1.0-1.noarch.rpm /tmp/unsigned-1.0-1.noarch.rpm: sha1 md5 OK [root@pulp-qe ~]# rpm --checksig /tmp/unsigned-1.0-1.noarch.rpm /tmp/unsigned-1.0-1.noarch.rpm: sha1 md5 OK [root@pulp-qe ~]# pulp-admin content upload --repoid=foo /tmp/unsigned-1.0-1.noarch.rpm --nosig * Starting Content Upload operation. See /var/log/pulp/client.log for more verbose output * Performing Content Uploads to Pulp server * Performing Repo Associations * Content Upload complete. [root@pulp-qe ~]# pulp-admin repo content --id=foo +------------------------------------------+ Contents of foo +------------------------------------------+ Packages in foo: unsigned-1.0-1.noarch.rpm Errata in foo: none Files in foo: none [root@pulp-qe ~]# pulp-client -u admin -p admin consumer create --id=fred Successfully created consumer [ fred ] [root@pulp-qe ~]# pulp-client consumer bind --repoid=foo Successfully subscribed consumer [fred] to repo [foo] [root@pulp-qe ~]# pulp-admin package install --consumerid=fred -n unsigned Created task id: f2281d35-9826-11e0-8c90-54520040237d Task is scheduled for: 2011-06-16 10:43 Waiting: [\] [[['unsigned-1.0-1.noarch'], None]] installed on fred
Closing with Community Release 15 pulp-0.0.223-4.