Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
Tnx
Antonio Montagnani
Linux Fedora 23 (Workstation) inviato da Gmail
On 06/21/16 21:52, Antonio M wrote:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
libmpg123 is a package from rpmfusion-free. Seems that one of their packages may have a new dependency that isn't accounted for in their F24 repos.
You could try disabling all the rpmfusion repos and try again to upgrade.
Il giorno mar, 21/06/2016 alle 22.07 +0800, Ed Greshko ha scritto:
You could try disabling all the rpmfusion repos and try again to upgrade.
This is not the solution.
If I disable rpmfusion repo the update fails:
package mencoder-1.2.1-2.fc23.x86_64 requires libavcodec.so.56()(64bit), but none of the providers can be installed. package mlt-6.0.0-2.fc23.x86_64 requires libavcodec.so.56()(64bit), but none of the providers can be installed (try to add '--allowerasing' to command line to replace conflicting packages)
If I use '--allowerasing', all software from rpmfusion will be removed.
And this is not what I want.
Then, for now, I'm not able to upgrade to f24.
Me too have this problem with another package from rpmfusion (freetype- freeworld), then I have post a message to rpmfusion-user list and now wait ....
Thanks
On 06/21/16 23:45, Dario Lesca wrote:
Il giorno mar, 21/06/2016 alle 22.07 +0800, Ed Greshko ha scritto:
You could try disabling all the rpmfusion repos and try again to upgrade.
This is not the solution.
If I disable rpmfusion repo the update fails:
You're not talking about the same issue as the OP.
Anyway I did try to update a system here and the OP's issue came up for me and I read the error message properly and simply added the --nogpgcheck to the dnf command.
package mencoder-1.2.1-2.fc23.x86_64 requires libavcodec.so.56()(64bit), but none of the providers can be installed. package mlt-6.0.0-2.fc23.x86_64 requires libavcodec.so.56()(64bit), but none of the providers can be installed (try to add '--allowerasing' to command line to replace conflicting packages)
If I use '--allowerasing', all software from rpmfusion will be removed.
And this is not what I want.
Then, for now, I'm not able to upgrade to f24.
Me too have this problem with another package from rpmfusion (freetype- freeworld), then I have post a message to rpmfusion-user list and now wait ....
Thanks
On 06/21/2016 07:41 PM, Ed Greshko wrote:
Anyway I did try to update a system here and the OP's issue came up for me and I read the error message properly and simply added the --nogpgcheck to the dnf command.
That works, but it's terrible practice. Those packages are (probably) downloaded over http, so they're vulnerable to MITM attacks that replace them with, or inject malware.
Allow the system to remove the rpmfusion packages, and then reinstall what you need afterward. It works AND it's secure.
On 06/22/16 11:36, Gordon Messmer wrote:
On 06/21/2016 07:41 PM, Ed Greshko wrote:
Anyway I did try to update a system here and the OP's issue came up for me and I read the error message properly and simply added the --nogpgcheck to the dnf command.
That works, but it's terrible practice. Those packages are (probably) downloaded over http, so they're vulnerable to MITM attacks that replace them with, or inject malware.
Allow the system to remove the rpmfusion packages, and then reinstall what you need afterward. It works AND it's secure.
Generally speaking, yes. But considering the flux rpmfusion is in these days and I deemed the risk rather low.
On 06/21/2016 08:43 PM, Ed Greshko wrote:
Generally speaking, yes. But considering the flux rpmfusion is in these days and I deemed the risk rather low.
I'll admit that the risk is hypothetical, but what does rpmfusion's flux have to do with the risk of allowing unsigned packages?
(Bearing in mind, that flag is global. You told dnf to ignore signatures for all package, on all repos.)
On 06/22/16 11:59, Gordon Messmer wrote:
I'll admit that the risk is hypothetical, but what does rpmfusion's flux have to do with the risk of allowing unsigned packages?
It was only one package that was unsigned, and it came from rpmfusion, and they are in the middle of putting up an new infrastructure. So not unthinkable a package had slipped thru unsigned.
(Bearing in mind, that flag is global. You told dnf to ignore signatures for all package, on all repos.)
Yes, except that it was just the one package and, while I did not mention it, I checked some of the downloaded rpm's in the cache. Yes, it probably would have been a "better" idea to disable the gpgcheck in the rpmfusion repo.
On 06/21/2016 09:12 PM, Ed Greshko wrote:
On 06/22/16 11:59, Gordon Messmer wrote:
I'll admit that the risk is hypothetical, but what does rpmfusion's flux have to do with the risk of allowing unsigned packages?
It was only one package that was unsigned, and it came from rpmfusion, and they are in the middle of putting up an new infrastructure. So not unthinkable a package had slipped thru unsigned.
dnf stops at the first unsigned package. All the rpmfusion F24 packages are currently in the updates-testing repository and are unsigned.
On 06/22/16 12:27, Samuel Sieb wrote:
On 06/21/2016 09:12 PM, Ed Greshko wrote:
On 06/22/16 11:59, Gordon Messmer wrote:
I'll admit that the risk is hypothetical, but what does rpmfusion's flux have to do with the risk of allowing unsigned packages?
It was only one package that was unsigned, and it came from rpmfusion, and they are in the middle of putting up an new infrastructure. So not unthinkable a package had slipped thru unsigned.
dnf stops at the first unsigned package. All the rpmfusion F24 packages are currently in the updates-testing repository and are unsigned.
Right, and that is why I suggested I should have disable just the rpmfusion check.
In any event.... If you are worried, don't upgrade. If you're not worried, upgrade. Your choice.
a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-22 6:31 GMT+02:00 Ed Greshko ed.greshko@greshko.com:
On 06/22/16 12:27, Samuel Sieb wrote:
On 06/21/2016 09:12 PM, Ed Greshko wrote:
On 06/22/16 11:59, Gordon Messmer wrote:
I'll admit that the risk is hypothetical, but what does rpmfusion's
flux
have to do with the risk of allowing unsigned packages?
It was only one package that was unsigned, and it came from rpmfusion,
and they are in the
middle of putting up an new infrastructure. So not unthinkable a
package had slipped thru
unsigned.
dnf stops at the first unsigned package. All the rpmfusion F24 packages
are currently
in the updates-testing repository and are unsigned.
Right, and that is why I suggested I should have disable just the rpmfusion check.
In any event.... If you are worried, don't upgrade. If you're not worried, upgrade. Your choice.
-- You're Welcome Zachary Quinto -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On 06/21/2016 10:04 PM, Antonio M wrote:
a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
That would be the primary way. Otherwise, if you have rpmdevtools installed, you can download the rpm and run rpmdev-checksig on it. That's what I used to check some rpms from rpmfusion to determine that they aren't signed.
On 06/22/16 13:15, Samuel Sieb wrote:
On 06/21/2016 10:04 PM, Antonio M wrote:
a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
That would be the primary way. Otherwise, if you have rpmdevtools installed, you can download the rpm and run rpmdev-checksig on it. That's what I used to check some rpms from rpmfusion to determine that they aren't signed.
Or you could run rpm -K rpmfile
This shows the output of a signed rpm
[root@meimei ~]# rpm -K aime-8.20160504-1.fc23.x86_64.rpm aime-8.20160504-1.fc23.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
This shows the output of a non-signed rpm
[egreshko@acer ~]$ rpm -K libmpg123-1.22.4-1.fc24.x86_64.rpm libmpg123-1.22.4-1.fc24.x86_64.rpm: sha1 md5 OK
On 06/21/2016 10:19 PM, Ed Greshko wrote:
On 06/22/16 13:15, Samuel Sieb wrote:
On 06/21/2016 10:04 PM, Antonio M wrote:
a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
That would be the primary way. Otherwise, if you have rpmdevtools installed, you can download the rpm and run rpmdev-checksig on it. That's what I used to check some rpms from rpmfusion to determine that they aren't signed.
Or you could run rpm -K rpmfile
This shows the output of a signed rpm
[root@meimei ~]# rpm -K aime-8.20160504-1.fc23.x86_64.rpm aime-8.20160504-1.fc23.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
This shows the output of a non-signed rpm
[egreshko@acer ~]$ rpm -K libmpg123-1.22.4-1.fc24.x86_64.rpm libmpg123-1.22.4-1.fc24.x86_64.rpm: sha1 md5 OK
Oh, that's right, you can check it with rpm and I have used that. However, rpmdev-checksig will give you a bit more info: python /bin/rpmdev-checksig nss-3.21.0-1.1.fc23.i686.rpm nss-3.21.0-1.1.fc23.i686.rpm: RSA/SHA256 - 34ec9cba - fedora-23-primary@fedoraproject.org python /bin/rpmdev-checksig a52dec-0.7.4-19.fc24.x86_64.rpm a52dec-0.7.4-19.fc24.x86_64.rpm: MD5 - None - <None>
You currently have to run it with python directly because there's a bug where the #! line has python3, but then it throws an exception. If you run it with python2, it works.
I find amusing that when I check a package in the Dnf list also packages installed from UnitedRpms are listed as installed from System!!!! Is it right?? I suppose no
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-22 7:43 GMT+02:00 Samuel Sieb samuel@sieb.net:
On 06/21/2016 10:19 PM, Ed Greshko wrote:
On 06/22/16 13:15, Samuel Sieb wrote:
On 06/21/2016 10:04 PM, Antonio M wrote:
a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
That would be the primary way. Otherwise, if you have rpmdevtools
installed, you can download the rpm and run rpmdev-checksig on it. That's what I used to check some rpms from rpmfusion to determine that they aren't signed.
Or you could run rpm -K rpmfile
This shows the output of a signed rpm
[root@meimei ~]# rpm -K aime-8.20160504-1.fc23.x86_64.rpm aime-8.20160504-1.fc23.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
This shows the output of a non-signed rpm
[egreshko@acer ~]$ rpm -K libmpg123-1.22.4-1.fc24.x86_64.rpm libmpg123-1.22.4-1.fc24.x86_64.rpm: sha1 md5 OK
Oh, that's right, you can check it with rpm and I have used that.
However, rpmdev-checksig will give you a bit more info: python /bin/rpmdev-checksig nss-3.21.0-1.1.fc23.i686.rpm nss-3.21.0-1.1.fc23.i686.rpm: RSA/SHA256 - 34ec9cba - < fedora-23-primary@fedoraproject.org> python /bin/rpmdev-checksig a52dec-0.7.4-19.fc24.x86_64.rpm a52dec-0.7.4-19.fc24.x86_64.rpm: MD5 - None - <None>
You currently have to run it with python directly because there's a bug where the #! line has python3, but then it throws an exception. If you run it with python2, it works.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On 06/21/2016 10:47 PM, Antonio M wrote:
I find amusing that when I check a package in the Dnf list also packages installed from UnitedRpms are listed as installed from System!!!! Is it right?? I suppose no
How did you install it? And what command are you using to check that?
# dnf info driconf Installed Packages Name : driconf Repo : @System From repo : fedora
Because it's installed, it's showing info from the @System repo, but it also shows that it originally came from the fedora repo.
I installed by Yum Extender (Dnf) i.e. the graphical interface, and the list that I am referring to is the list in the graphical interface, not in the terminal, that I used a short ago
$ dnf info vlc Ultima verifica della scadenza dei metadati: 0:22:02 fa il Wed Jun 22 08:00:25 2016. Pacchetti installati Nome : vlc Arch : x86_64 Epoca : 0 Versione : 3.0.0 Rilascio : 6.20160608gitbb83680.fc24 Dim. : 4.2 M Repo : @System Dal repo : unitedrpms Sommario : The cross-platform open-source multimedia framework, player and : server URL : http://www.videolan.org Licenza : GPLv2+ Descrizione : VLC media player is a highly portable multimedia player and : multimedia framework capable of reading most audio and video : formats as well as DVDs, Audio CDs VCDs, and various streaming : protocols. It can also be used as a media converter or a server to : stream in uni-cast or multi-cast in IPv4 or IPv6 on networks.
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-22 7:55 GMT+02:00 Samuel Sieb samuel@sieb.net:
On 06/21/2016 10:47 PM, Antonio M wrote:
I find amusing that when I check a package in the Dnf list also packages installed from UnitedRpms are listed as installed from System!!!! Is it right?? I suppose no
How did you install it? And what command are you using to check that?
# dnf info driconf Installed Packages Name : driconf Repo : @System From repo : fedora
Because it's installed, it's showing info from the @System repo, but it also shows that it originally came from the fedora repo.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On 06/21/2016 11:23 PM, Antonio M wrote:
I installed by Yum Extender (Dnf) i.e. the graphical interface, and the list that I am referring to is the list in the graphical interface, not in the terminal, that I used a short ago
$ dnf info vlc Repo : @System Dal repo : unitedrpms
I wouldn't be surprised if the graphical interface would show the first one, but here you can see that it did come from unitedrpms.
Hi Antonio,
Den 2016-06-21 kl. 15:52, skrev Antonio M:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm
This package is from rpmfusion-free, so ask on that list.
[root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
Tnx
Antonio Montagnani
Linux Fedora 23 (Workstation) inviato da Gmail
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On Tue, Jun 21, 2016 at 03:52:30PM +0200, Antonio M wrote:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
You'll find this helpful: https://fedoramagazine.org/upgrading-fedora-23-workstation-to-fedora-24/#com...
Try to disable rpmfusion repo, before upgrading and then..
sudo dnf config-manager –set-disabled rpmfusion-free
sudo dnf config-manager –set-disabled rpmfusion-nonfree sudo dnf config-manager –set-disabled rpmfusion-free-updates sudo dnf config-manager –set-disabled rpmfusion-nonfree-updates sudo dnf system-upgrade download –releasever=24 –allowerasing
I hope this will work
On Wed, Jun 22, 2016 at 1:53 AM, Paul W. Frields stickster@gmail.com wrote:
On Tue, Jun 21, 2016 at 03:52:30PM +0200, Antonio M wrote:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
You'll find this helpful:
https://fedoramagazine.org/upgrading-fedora-23-workstation-to-fedora-24/#com...
-- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ The open source story continues to grow: http://opensource.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
very useful indeed!!! tnx to all
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-21 19:53 GMT+02:00 Paul W. Frields stickster@gmail.com:
On Tue, Jun 21, 2016 at 03:52:30PM +0200, Antonio M wrote:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
You'll find this helpful:
https://fedoramagazine.org/upgrading-fedora-23-workstation-to-fedora-24/#com...
-- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ The open source story continues to grow: http://opensource.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
I'm glad it working. You’re welcome, I was happy to do it. I know you’d do the same for me and someone else.
On Wed, Jun 22, 2016 at 3:25 AM, Antonio M antonio.montagnani@gmail.com wrote:
very useful indeed!!! tnx to all
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-21 19:53 GMT+02:00 Paul W. Frields stickster@gmail.com:
On Tue, Jun 21, 2016 at 03:52:30PM +0200, Antonio M wrote:
Alla packages are downloaded, but when I get the following warning: Errore: Il pacchetto libmpg123-1.22.4-1.fc24.x86_64.rpm non è firmato (unsigned)
but it is not installed [root@pcdesktop1 antonio]# rpm -qa libmpg123-1.22.4-1.fc24.x86_64.rpm [root@pcdesktop1 antonio]#
then [root@pcdesktop1 antonio]# dnf system-upgrade reboot Errore: system is not ready for upgrade
How o I proceed??
You'll find this helpful:
https://fedoramagazine.org/upgrading-fedora-23-workstation-to-fedora-24/#com...
-- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ The open source story continues to grow: http://opensource.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
-
Antonio M -
Dario Lesca -
Dev -
Ed Greshko -
Gordon Messmer -
Jon Ingason -
Paul W. Frields -
Samuel Sieb