rpm / gpg key question.
Bart Martens
bart.martens at chello.be
Thu Mar 4 23:24:51 UTC 2004
On Thu, 2004-03-04 at 23:37, Erik LaBianca wrote:
> I run rpm --checksig on a package and get
>
> rpm --checksig perl-Example-Package-1.0-0.fdr.1.src.rpm
> perl-Example-Package-1.0-0.fdr.1.src.rpm: (SHA1) DSA sha1 md5 (GPG) NOT
> OK (MISSING KEYS: GPG#GPG_KEY_ID)
>
> So I run
>
> gpg --keyserver pgp.mit.edu --recv-key GPG_KEY_ID
> gpg -a --export GPG_KEY_ID > /tmp/key && sudo rpm --import /tmp/key &&
> rm /tmp/key
>
> and now rpm -qa gpg-pubkey* reports a bunch of keys.
>
> However, rpm --checksig still fails. Why?
Confusing, I know. It works if you use rpm instead of gpg to import the
keys.
rpm --import /usr/share/doc/fedora-release-1/RPM-GPG-KEY
rpm --import /usr/share/doc/fedora-release-1/RPM-GPG-KEY-fedora
> In addition, in trying to make this work, rpm now has several copies of
> the same key installed. In addition, since they are duplicate, trying to
> remove one with sudo rpm -e gpg-pubkey-version-release fails, saying
>
> error: "gpg-pubkey-54b2ad8b*" specifies multiple packages
>
> What gives?
Known bug.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=68290
Have a look at the man page of rpm. Use --allmatches to remove all
duplicates of a key at once.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040305/f891c373/attachment.sig>
More information about the fedora-devel-list
mailing list