[Spacewalk-list] spacewalk client not seeing signed rpms, or Public key not installed error

Mon Apr 11 10:28:25 UTC 2011

Hi,

I'm a newbie and just installed spacewalk on my centos 5.5 server.  I 
chose to install the software with the postgres,
rather than oracle, database.

I've followed the install instructions on this link:

http://wiki.centos.org/HowTos/PackageManagement/Spacewalk

deviating only slightly to make changes for postgres instead of oracle.  
Instructions were taken from the
following pages:

https://fedorahosted.org/spacewalk/wiki/HowToInstall12
https://fedorahosted.org/spacewalk/wiki/PostgreSQLServerSetup
https://fedorahosted.org/spacewalk/wiki/HowToInstall11
https://fedorahosted.org/spacewalk/wiki/PostgreSQL

Per the instructions I installed and synced the CentOS5 base, update and 
spacewalk client channels.  I also
setup a client machine and was able to yum install a package from the 
CentOS Base repository on my spacewalk
server.

I need to keep separate yum repositories for a few systems who require 
specialized rpm installations.  Following
the links above, I tried to create a personal yum repository channel and 
"sign" the files with my own generated
gpg key  (I  also imported this key on my client machine).

However, when I try to do a "yum install xxdiff" (and example of an 
extra rpm found outside the base repository)
I get the error:  Public key for xxdiff-3.2-12.0.cf.rhel5.i386.rpm is 
not installed.  I tried to import another rpm
without doing a "gpg --resign" on it prior to installation and recieved 
the error "Package nxclient-3.4.0-7.i386.rpm is not signed".

I tried resigning the xxdiff rpm and got the error:  "warning: 
xxdiff-3.2-12.0.cf.rhel5.i386.rpm: was already signed by key ID 
da5485bc, skipping"
so I know the rpm is signed, and it looks like it is by the correct gpg 
key that I created using the command "gpg --gen-key".   The key
was exported and then rpm --import -ed  to my server.  It shows up in 
the gpg --list-keys command.

It seems as though the issue is on the client side, but I can't be 
sure.  When I try to do a "yum install xxdiff", along with the public key
error, I also get the error:

   warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 
b56a8bac

For some reason, it is seeing a different key for the package.
Instead of a yum install, I tried to schedule an install from the 
spacewalk server to the client.  A push instead of a pull process.
The install failed.  A "rhn_check -vvvvvv" on the client showed the 
following error:
-------
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID b56a8bac
D: May free Score board((nil))
D: Sending back response ((6,), 'Error while executing packages action: 
Public key for xxdiff-3.2-12.0.cf.rhel5.i386.rpm is not installed', {})
XMLRPC ProtocolError: <ProtocolError for mymachine /XMLRPC: 500 Internal 
Server Error>
-------

I know I'm doing some basic newbie error, but I'm not sure what it is.  
BTW, the command "rpm -q gpg-pubkey"  on both
the client and server show the repository key I created is installed.  
It seems I am missing a critical step when I setup my
own repository.

I'm wondering if I have a bigger problem with my installation and it is 
manifesting itself with the client.  When I initially
login to the server with my created "admin" password, I always get two 
https errors.  After I close the error boxes, I'm
presented with the Overview page.  I don't see any obvious errors in the 
httpd ssl logs.

If someone could direct me to some configuration examples or readmes on 
how to set up a personal repository using
spacewalk, I'd be grateful.
thanks.  sorry for the length of the post.