FC4 fresh install up2date finds unsigned packages

Nifty Hat Mitch mitch48 at sbcglobal.net
Wed Jun 15 08:31:21 UTC 2005


On Wed, Jun 15, 2005 at 08:52:19AM +0100, Paul Howarth wrote:
> From: Paul Howarth <paul at city-fan.org>
> To: For users of Fedora Core releases <fedora-list at redhat.com>
> Date: Wed, 15 Jun 2005 08:52:19 +0100
> Subject: Re: FC4 fresh install up2date finds unsigned packages
> Reply-To: For users of Fedora Core releases <fedora-list at redhat.com>
> 
> On Wed, 2005-06-15 at 00:36 -0700, Nifty Hat Mitch wrote:
> > After a FC4 clean load.
> > up2date  found packages that were unsigned.
> >  arpwatch
> >  elinks
> >  gaim
> >  gamin
> >  gedit
> >  libcap
> >  mikmod
> >  tcpdump
> >  ...
> > 
> > Is this expected?
> 
> Looks like these are the packages in the updates-released repo. I expect
> they're actually signed but not using a key that's imported into your
> RPM database. Yum would do this automatically based on info in the
> fedora-updates.repo file, but perhaps up2date doesn't?
> 
> Try this:
> # rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
> 
> See if that improves matters.

Yes yum did the expected and prompted to import the  keys
that you indicated above.

I was prompted for a key update with up2date but some{how,way}
the right keys did not get imported with up2date/firstboot.

I have yet to compare the rpms downloaded by both to see 
if they are exact matches....

Anyhow 'yum update' sorts this out.

Thanks,
mitch


-- 
	T o m  M i t c h e l l 
	Found me a new place to hang my hat :-)
	Found me a cable too.




More information about the users mailing list