[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Package signature weirdness with rpm 4.1.1 on YellowDog 2.3



Well, got 4.1.1 to link against itself, and it seems mostly clean now. I
rebuilt the rpm database, but am getting a strange bahavior when trying to
sign packages and verify their signature.

It comes down to this:

[dude@powermac RPMS]$ rpm -K unrar-3.1.3-fr1.ppc.rpm
only V3 signatures can be verified, skipping V4 signature
unrar-3.1.3-fr1.ppc.rpm: md5 OK
(that package was built ans signed with rpm 4.0.3)

[dude@powermac RPMS]$ rpm --resign unrar-3.1.3-fr1.*
Enter pass phrase:
Pass phrase is good.
unrar-3.1.3-fr1.ppc.rpm:
unrar-3.1.3-fr1.src.rpm:
(from my experience, having no output here is a good sign)

[dude@powermac RPMS]$ rpm -K unrar-3.1.3-fr1.ppc.rpm
only V3 signatures can be verified, skipping V4 signature
only V3 signatures can be verified, skipping V4 signature
unrar-3.1.3-fr1.ppc.rpm: sha1 md5 OK
(now I get the message twice, and "sha1" is checked and previously wasn't)


All packages I had recompiled, signed and installed with 4.0.3 give those
V3 vs. V4 messages, even when doing "rpm -qa" for instance.

Am I doing something wrong? Seems strange to me that the rpm used to sign
the packages isn't able to verify them. Was the signature verification code
from rpm 3.x merged into the rpm 4.2 packport!? :-)

Matthias

-- 
Clean custom Red Hat Linux rpm packages : http://freshrpms.net/
Red Hat Linux release 8.0.9x (Phoebe) running Linux kernel 2.4.20-2.54
Load : 0.32 0.32 0.24, AC on-line, battery charging: 100% (5:54)





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []