Red Hat Bugzilla – Bug 85808
up2date closes prematurely with GPG error - file is incorrect or corrupted
Last modified: 2007-04-18 12:51:54 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020830
Description of problem:
When updating my system using the Redhat Network Tool, I select the updates to
be downloaded and it begins downloading. It ends prematurely saying that the
GPG Signature is invalid and the file may be invalid or corrupted. I get this
on several different files and it happens at random spots within the download,
never at the same point. I first saw this while updating the kernel, but after
8 tries it finally finished with no errors. Now I get it on random updates that
I choose; sometimes it finishes with no errors, and sometimes it will give me the
errors. I have spoken with several people and they have experienced the same
problem using the tool. I can download the files manually and they update fine,
but using the tool Redhat packages with its system will not work. One update
that I get this error on continuously is with Mozilla's base update.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run Redhat Network Tool from the System Tools menu.
2. Select update such as Mozilla
3. Let the update begin and the error usually pops up randomly throughout the
download each time.
Actual Results: Download will end and quit prematurely with an Invalid GPG
Expected Results: The download should download completely and install properly.
I'd like to add a confirmation of this bug. I have found that downloading
the c. 13Mb kernel 2.4.18-26.8.0 resulted in the Redhat Update Agent hanging
after approximately 20% download and popping up an error window asserting that
the GPG signature was corrupt. Selecting "continue yes" resulted in the up2date
Minutes later I was able to use the Update Agent to download and install rpms
for "file" and "openssl" correctly without problems (these were significantly
smaller in size).
From this I guess that I have the correct GPG-KEY installed, RedHat Update Agent
can access that key and that the kernel-rpm is either not signed properly or
else there's an issue to do with size of download.
I removed the partially downloaded
/var/spool/up2date/kernel-2.4.18-26.8.0.i686.[hdr|rpm] files and retried twice
with the same erroneous results.
I have also seen this problem reported on the psyche-list although I think the
reporter did not submit a bugzilla report.
Here are some more details of the system:
[ofeeley@ars ofeeley]$ uname -a
Linux ars 2.4.18-24.8.0 #1 Fri Jan 31 06:51:30 EST 2003 i686 i686 i386 GNU/Linux
[ofeeley@ars ofeeley]$ rpm -q up2date
[ofeeley@ars ofeeley]$ rpm -q gnupg
Question pop-up window:
The package kernel-2.4.18-26.8.0 does not have a valid GPG signature.
It has been tampered with or corrupted. Continue?
Red Hat Update Agent
3136 of 13279 kB transferred
Well, this appears to be something which is not consistently reproducible. I
just (Mar13th 10am PST) used Red Hat Update Agent to download and install the
2.4.18-26.8.0 kernel with no errors.
Beats me what's wrong.
I can only assume that there was some corruption during file download or that
the RHN server was very busy and that this caused the download to terminate and
instead of signalling "Aborted download" it got a "Download finished" and then
when it checked an md5sum of the package it looked corrupt.
I can confirm this too. I can't make it happen, but perhaps if one were to
force a connection drop (by pulling out the network connection cable from the
machine) this bug could be seen. The update app could be improved by saving the
portion of the file it downloads and resuming the download (either in that
session or, if a number of retries fail, in another update session). The app
appears to download the file from the beginning even when it has tried and
failed to do the download before.
Is there a way to get up2date to output (but not download) a list of URLs where
I can go get the updates up2date is trying to download and install?
This way I could feed this list to a more reliable downloader (like wget) and
then have up2date do the rest of the job (checking the signatures, installing
the updates, etc.) it was built to do.
Also, is there a way to make up2date use wget instead of its built-in (and
apparently deficient) downloading code? It's a shame that the tool built for
the job of updating the system doesn't do continued downloads and doesn't try
multiple times to download an update. I figure why reinvent the wheel? Use
wget since wget does the download job so well.
See bug #86527.
Please reopen, this is NOT fixed. See my comments in bug #86527.
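
The failure mode guessed at in the comments above (a dropped transfer treated as "finished" and then reported as a bad signature) and the resume suggestion can be sketched as follows. This is an added example, not up2date's code: `FlakySource`, `download`, the sample data and the use of SHA-256 in place of the GPG/md5 check are all assumptions made for illustration.

```python
import hashlib

# Constructed sample "package" and the metadata a repository would publish for it.
PACKAGE = bytes(range(256)) * 64            # 16384 bytes, constructed
EXPECTED_SIZE = len(PACKAGE)
EXPECTED_SHA256 = hashlib.sha256(PACKAGE).hexdigest()


class FlakySource:
    """Hypothetical transport: serves data from an offset, dying after N bytes."""

    def __init__(self, data, drops):
        self.data = data
        self.drops = list(drops)   # bytes delivered per connection before it drops

    def read_from(self, offset):
        limit = self.drops.pop(0) if self.drops else len(self.data)
        return self.data[offset:offset + limit]


def download(source, expected_size, expected_sha256, max_attempts=5):
    """Return (status, data); status is 'ok', 'truncated' or 'digest-mismatch'."""
    buf = bytearray()
    for _ in range(max_attempts):
        buf += source.read_from(len(buf))   # resume where the last attempt stopped
        if len(buf) >= expected_size:
            break
    if len(buf) < expected_size:
        # Transport problem: say so, and keep the partial data for a later retry.
        return "truncated", bytes(buf)
    if len(buf) > expected_size or hashlib.sha256(buf).hexdigest() != expected_sha256:
        # Full-length data that fails verification must not be installed.
        return "digest-mismatch", bytes(buf)
    return "ok", bytes(buf)
```

Checking the length before the integrity check keeps a network drop from being presented to the user as "tampered with or corrupted", so that warning is reserved for complete files that really fail verification.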