Hide Forgot
Description of problem: Can't upload new sources to update EPEL packages. Version-Release number of selected component (if applicable): 0.5.5.0-2.el6 How reproducible: I'm the maintainer of the Armadillo EPEL package. I've tried to update the package to the latest version, but I am unable to upload the source archive. I'm using Scientific Linux 6 (RHEL 6 clone) with EPEL 6. Following the instructions at http://fedoraproject.org/wiki/PackageMaintainers/UpdatingPackageHowTo below is what I've tried: # su # yum --noplugins install fedora-packager Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package fedora-packager.noarch 0:0.5.5.0-2.el6 set to be updated --> Finished Dependency Resolution Dependencies Resolved Installing: fedora-packager noarch 0.5.5.0-2.el6 epel 34 k (...) # rm /root/.fedora* # fedora-cert -n Can't determine fas name, lets get a new cert FAS Username: conrads FAS Password: # cd /tmp # rm -rf armadillo # fedpkg clone armadillo Initialized empty Git repository in /tmp/armadillo/.git/ remote: Counting objects: 113, done. remote: Compressing objects: 100% (58/58), done. remote: Total 113 (delta 48), reused 103 (delta 45) Receiving objects: 100% (113/113), 13.44 KiB, done. Resolving deltas: 100% (48/48), done. # cd armadillo # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Missing certificate: /root/.fedora-server-ca.cert Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate # fedora-cert -v Verifying Certificate cert expires: 2011-10-16 CRL Checking not implemented yet # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Missing certificate: /root/.fedora-server-ca.cert Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate # cp /root/.fedora.cert /root/.fedora-server-ca.cert # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate Googling the problem pointed to: http://www.mail-archive.com/devel@lists.fedoraproject.org/msg16274.html # (openssl x509 -in /root/.fedora.cert -text; echo; openssl rsa -in /root/.fedora.cert)> /root/.fedora.cert.new writing RSA key # cp /root/.fedora.cert.new /root/.fedora.cert cp: overwrite `/root/.fedora.cert'? y # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate # cp /root/.fedora.cert.new /root/.fedora-server-ca.cert cp: overwrite `/root/.fedora-server-ca.cert'? y # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate # fedora-cert -v Verifying Certificate cert expires: 2011-10-16 CRL Checking not implemented yet # fedpkg new-sources /tmp/svn_out/armadillo-1.2.0.tar.gz Uploading: 856268f9730a3e55db38cbc1b7f8f2bc /tmp/svn_out/armadillo-1.2.0.tar.gz Could not upload new sources: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate
More info, in case there is a weird version mismatch: # yum -C deplist fedora-packager package: fedora-packager.noarch 0.5.5.0-2.el6 dependency: bodhi-client provider: bodhi-client.noarch 0.7.10-1.el6 dependency: fedpkg = 0.5.5.0-2.el6 provider: fedpkg.noarch 0.5.5.0-2.el6 dependency: ykpers provider: ykpers.x86_64 1.3.4-1.el6 provider: ykpers.i686 1.3.4-1.el6 dependency: pyOpenSSL provider: pyOpenSSL.x86_64 0.10-2.el6 dependency: rpmlint provider: rpmlint.noarch 0.94-2.el6 dependency: /bin/bash provider: bash.x86_64 4.1.2-3.el6 dependency: rpm-build provider: rpm-build.x86_64 4.8.0-12.el6 dependency: mock provider: mock.noarch 1.1.8-1.el6 dependency: /usr/bin/python provider: python.x86_64 2.6.5-3.el6 provider: python.i686 2.6.5-3.el6 dependency: redhat-rpm-config provider: redhat-rpm-config.noarch 9.0.3-25.el6 dependency: openssh-clients provider: openssh-clients.x86_64 5.3p1-20.el6 dependency: rpmdevtools provider: rpmdevtools.noarch 7.5-1.el6 dependency: fedora-cert = 0.5.5.0-2.el6 provider: fedora-cert.noarch 0.5.5.0-2.el6 dependency: /bin/sh provider: bash.x86_64 4.1.2-3.el6 dependency: curl provider: curl.x86_64 7.19.7-16.el6 dependency: koji provider: koji.noarch 1.6.0-1.el6.1
further info: # rpm -q openssl nss openssl-1.0.0-4.el6_0.2.x86_64 nss-3.12.8-1.el6_0.0.sl6.x86_64
http://fedoraproject.org/wiki/PackageMaintainers/UsingKoji#Fedora_Certificates please read the faq, its a know issue with rhel6 and derivatives it should be fixed in 6.1 i believe.