[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: all I wanted was to update the kernel, not a crypto lesson ...



  Jesse, I appreciate the informative response.  Yes, I would think
this information should be much more accessible, Maybe preserved in:

  http://docs.fedoraproject.org/yum/en/sn-using-repositories.html

On 10/3/07, Jesse Keating <jkeating redhat com> wrote:
> The two keys used right now are
>
> pub   1024D/4F2A6FD2 2003-10-27
> uid                  Fedora Project <fedora redhat com>
>
> Used for final releases and updates.
>
> pub   1024D/30C9ECF8 2003-10-27
> uid                  Fedora Project (Test Software) <rawhide redhat com>
>
> Used for Test releases and updates-testing.

  Interesting, as on the system where the check SUCCEEDS it reports
merely:

[root localhost ~]# rpm -qa gpg-pubkey*
gpg-pubkey-4f2a6fd2-3f9d9d3b
[root localhost ~]#

which does NOT include the "rawhide" key?  On the system which fails
the check, after importing and enabling only from fedora mirrors, I
find:

[root localhost ~]# rpm -qa gpg-pubkey*
gpg-pubkey-4f2a6fd2-3f9d9d3b
gpg-pubkey-1cddbca9-3f9da14c
gpg-pubkey-e418e3aa-3f439953
[root localhost ~]#

Does anyone recognize these other two keys?

> Both of which are installed on the system, however not imported into
> the rpmdb.

  Given that I tried both:

[root localhost ~]# rpm --import
http://ftp.linux.ncsu.edu/pub/fedora/linux/development/i386/os/RPM-GPG-KEY-fedora-rawhide
[root localhost ~]# rpm --import
http://ftp.linux.ncsu.edu/pub/fedora/linux/development/i386/os/RPM-GPG-KEY-rawhide
[root localhost ~]#

on the system that failed to validate, without the desired effect,
some of the puzzle remains.  Does Pirut cache the imported keys when
it starts, and fail to notice any keys that have been imported by the
time one selects the "Apply updates" command button yet again?  Does
anyone have the time to read the source / experiment / Bugzilla this?

  One insight that I hope will not be used counter-productively, is
that the system where the check succeeds was installed from the f7
LiveCD.  The system where the check fails was installed from the f7
DVD.  While I still have not been shown which files or imported keys
account for its success, this user prefers the GPG-key capabilities
supplied by the system installed from the LiveCD.  Will this advantage
remain with these media of the f8 vintage?

  This may be something to record in:

  http://fedoraproject.org/wiki/F7ReleaseSummary

(in the vicinity of the item about NetworkManager being a default
application only on the LiveCD system) if we can only deduce what the
crucial difference with GPG keys is.

Cheers,
Nelson

p.s. Yes, in my hurry I burdened us with an imprecise Subject line,
which could have been more accurate as:
  all I wanted was to install an additional kernel, not a crypto lesson
Apologies for sloppily implying one could update a kernel.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]