Description of problem: If a key has not yet been imported into the database, yum-cron will not apply any of the updates. e.g.: warning: /var/cache/yum/x86_64/19/adobe-linux-x86_64/packages/flash-plugin-11.2.202.297-release.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID f6777c67: NOKEY Public key for flash-plugin-11.2.202.297-release.x86_64.rpm is not installed Importing GPG key 0xF6777C67: Userid : "Adobe Systems Incorporated (Linux RPM Signing Key) <secure>" Fingerprint: 78a8 75e9 7f09 06bd 6355 73fa 3a69 bd24 f677 7c67 Package : adobe-release-x86_64-1.0-1.noarch (@adobe-linux-x86_64) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux The following updates will be applied on barry.cora.nwra.com: ================================================================================ Package Arch Version Repository Size ================================================================================ Updating: NetworkManager x86_64 1:0.9.8.2-8.git20130709.fc19 updates-testing 1.0 M alsa-lib i686 1.0.27.2-1.fc19 updates-testing 384 k alsa-lib x86_64 1.0.27.2-1.fc19 updates-testing 385 k ca-certificates noarch 2012.87-10.4.fc19 updates-testing 351 k colord x86_64 1.0.2-1.fc19 updates-testing 431 k colord-libs x86_64 1.0.2-1.fc19 updates-testing 145 k eclipse-photran noarch 8.1.1-1.fc19 updates-testing 6.9 M eclipse-photran-intel noarch 8.1.1-1.fc19 updates-testing 52 k eclipse-ptp x86_64 7.0.1-1.fc19 updates-testing 38 M eclipse-ptp-rdt-xlc noarch 7.0.1-1.fc19 updates-testing 120 k filesystem x86_64 3.2-13.fc19 updates-testing 1.0 M findutils x86_64 1:4.5.11-2.fc19 updates-testing 557 k flash-plugin x86_64 11.2.202.297-release adobe-linux-x86_64 6.9 M gimp x86_64 2:2.8.6-3.fc19 updates-testing 14 M glusterfs-api x86_64 3.4.0-0.9.beta4.fc19 updates-testing 47 k glusterfs-fuse x86_64 3.4.0-0.9.beta4.fc19 updates-testing 89 k grep x86_64 2.14-4.fc19 updates-testing 330 k libX11-devel x86_64 1.6.0-1.fc19 updates-testing 978 k libXvMC-devel x86_64 1.0.8-1.fc19 updates-testing 19 k mercurial x86_64 2.6.3-1.fc19 updates-testing 2.6 M nss-sysinit x86_64 3.15.1-1.fc19 updates-testing 44 k nss-tools x86_64 3.15.1-1.fc19 updates-testing 459 k python-devel x86_64 2.7.5-3.fc19 updates-testing 387 k ruby-devel x86_64 2.0.0.247-12.fc19 updates-testing 124 k ruby-irb noarch 2.0.0.247-12.fc19 updates-testing 85 k ruby-libs x86_64 2.0.0.247-12.fc19 updates-testing 2.8 M rubygem-bigdecimal x86_64 1.2.0-12.fc19 updates-testing 76 k rubygem-io-console x86_64 0.4.2-12.fc19 updates-testing 47 k rubygem-psych x86_64 2.0.0-12.fc19 updates-testing 74 k rubygems-devel noarch 2.0.3-12.fc19 updates-testing 40 k seabios-bin noarch 1.7.2.2-2.fc19 updates-testing 71 k seavgabios-bin noarch 1.7.2.2-2.fc19 updates-testing 27 k tcp_wrappers x86_64 7.6-74.fc19 updates-testing 78 k tigervnc x86_64 1.3.0-1.fc19 updates-testing 207 k tigervnc-icons noarch 1.3.0-1.fc19 updates-testing 33 k tigervnc-license noarch 1.3.0-1.fc19 updates-testing 23 k tree x86_64 1.6.0-9.fc19 updates-testing 46 k webkitgtk3 x86_64 2.0.3-2.fc19 updates-testing 11 M xorg-x11-server-Xorg x86_64 1.14.2-3.fc19 updates-testing 1.3 M xorg-x11-server-Xvfb x86_64 1.14.2-3.fc19 updates-testing 800 k yum noarch 3.4.3-100.fc19 updates-testing 1.2 M yum-cron noarch 3.4.3-100.fc19 updates-testing 52 k Updating for dependencies: NetworkManager-glib x86_64 1:0.9.8.2-8.git20130709.fc19 updates-testing 317 k eclipse-ptp-rdt noarch 7.0.1-1.fc19 updates-testing 2.5 M gimp-libs x86_64 2:2.8.6-3.fc19 updates-testing 1.3 M glusterfs x86_64 3.4.0-0.9.beta4.fc19 updates-testing 1.1 M libX11 i686 1.6.0-1.fc19 updates-testing 596 k libX11 x86_64 1.6.0-1.fc19 updates-testing 594 k libX11-common noarch 1.6.0-1.fc19 updates-testing 181 k libXvMC x86_64 1.0.8-1.fc19 updates-testing 22 k nss i686 3.15.1-1.fc19 updates-testing 840 k nss x86_64 3.15.1-1.fc19 updates-testing 843 k nss-softokn i686 3.15.1-1.fc19 updates-testing 296 k nss-softokn x86_64 3.15.1-1.fc19 updates-testing 293 k nss-softokn-freebl i686 3.15.1-1.fc19 updates-testing 145 k nss-softokn-freebl x86_64 3.15.1-1.fc19 updates-testing 160 k nss-util i686 3.15.1-1.fc19 updates-testing 66 k nss-util x86_64 3.15.1-1.fc19 updates-testing 67 k python x86_64 2.7.5-3.fc19 updates-testing 84 k python-libs x86_64 2.7.5-3.fc19 updates-testing 5.5 M ruby x86_64 2.0.0.247-12.fc19 updates-testing 64 k rubygems noarch 2.0.3-12.fc19 updates-testing 322 k tcp_wrappers-libs i686 7.6-74.fc19 updates-testing 66 k tcp_wrappers-libs x86_64 7.6-74.fc19 updates-testing 66 k xorg-x11-server-common x86_64 1.14.2-3.fc19 updates-testing 44 k Transaction Summary ================================================================================ Upgrade 42 Packages (+23 Dependent packages) Updates failed to install with the following error message: ["Didn't install any keys"] Version-Release number of selected component (if applicable): yum-cron-3.4.3-99.fc19.noarch
[caveat - I'm not the yum-cron maintainer anymore, it's part of yum proper] But - is this really a bug? I'm not sure I _want_ a cron job accepting new keys automatically. The whole point of yum asking the user about a new key is so that the user can go verify that the key represents someone whom they trust to be updating their system with root authority. In this case, yum-cron is doing the right thing by alerting the root email address that there's a new key, a human needs to verify that this key is trusted. Looks like here that means that the human who enabled the adobe repository should verify that that it's really Adobe interactively: then yum-cron will happily keep things updated (till Adobe chances their key, which is another appropriate time for human intervention).
Bah, I knew it was part of yum now, just fat fingered the component I guess. I'm not sure about the correct behavior here, although it is different than before. However, in a managed, deployed environment (where yum-cron is probably most often used) manually checking that is not an option. If there is no option to force yum-cron to accept new gpg keys, I guess I'll just import the keys in my kickstart %post or some such.
Ahh, good point - didn't think of the initial run on a lot of recently deployed machines. Rooting around on the man pages I didn't see a yum option for this (there is with rpm, of course). If there were such an option, then adding that option to the yum-cron config file would do the trick for you. I'll punt and hope one of the yum core guys knows?
*** This bug has been marked as a duplicate of bug 968529 ***