Bug 68823 - rpm compains about missing key on install
Summary: rpm compains about missing key on install
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Public Beta
Classification: Retired
Component: rpm
Version: limbo
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-07-14 21:15 UTC by Olaf Schnapauff
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-07-14 21:50:14 UTC
Embargoed:

Attachments (Terms of Use)

Description Olaf Schnapauff 2002-07-14 21:15:01 UTC 
Description of Problem:
right after install, I wanted to rpm -i kernel-source. 

RPM complains Warning: ... Header V3 DSA key no signature Key ID .,..

Might be a kernel-source archive problem rather than an rpm problem.



Version-Release number of selected component (if applicable):


How Reproducible:


Steps to Reproduce:
1. 
2. 
3. 

Actual Results:


Expected Results:


Additional Information:
Comment 1 Jeff Johnson 2002-07-14 21:25:40 UTC 
You're using rpm-4.1 and installing a signed package
w/o the correspomding key (signature checking is
now mandatory).

Look for the BETA-GPG-KEY file, import by doing
	rpm --import BETA-GPG-KEY
Verify the pubkey install by doing
	rpm -qi gpg-pubkey
Comment 2 Olaf Schnapauff 2002-07-14 21:50:10 UTC 
This is a freshly installed system. This key import then _must_ be done
automatically during install and cannot be left to the user manually later. This
will a) potentially comprimise security b) confuse the hell out of most people.
Is this at least done automatically for the Non-Beta Key? Anyway, any system
delivered signature key must be imported on install.
Comment 3 Jeff Johnson 2002-07-14 22:00:33 UTC 
Then install with --nosignature to disable
mandatory signature checking.
Note You need to log in before you can comment on or make changes to this bug.