[Spacewalk-list] Package rpm is not signed

John McNulty johnmcn1 at googlemail.com
Fri Jun 12 14:09:35 UTC 2009


I resolved this by the following method:

- Generated a new Key and signed the packages using the methods described
here:

         http://fedoranews.org/tchung/gpg

- Copied the key over to the client system and imported it into its RPM DB

- Removed the old packages from the channel in spacewalk

- Did an rhnpush to push the signed packages into the channel

- Cleaned out stale copies of the packages from
/var/cache/yum/layered-products/packages on the client.

- Ran 'yum install nx\*' on the client .... success !!


I'd like to echo Jason Frisvold's sentiment that it would be nice to know if
it's possible to add the key to spacewalk so that systems subscribing to a
channel automatically pick up the key.  If not then I'll just have to update
the RPM DB on systems manually, and update the kickstarts to add an extra
wget into the post section to grab locally generated keys at install time.

Thanks for the comments everyone.  Didn't know about
/etc/yum/pluginconf.d/rhnplugin.conf for example.

Rgds,

John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20090612/992364d4/attachment.htm>


More information about the Spacewalk-list mailing list