running yum with --nosignature
Panu Matilainen
pmatilai at laiskiainen.org
Tue Jun 19 11:54:09 UTC 2012
On 06/03/2012 06:28 AM, JD wrote:
> On 06/02/2012 08:02 PM, Edward M wrote:
>> On 06/02/2012 06:09 PM, JD wrote:
>>> run rpm -ivh --nosignature xdfr-2.0.1.src.rpm
>>> but rpm exits with error message:
>>> error: xdfr-2.0.1.src.rpm: rpmReadSignature failed: sigh load: BAD
>>> error: xdfe-2.0.1.src.rpm cannot be installed
>>
>>
>> I *think* the problem sits with the person/group who produced that
>> source file.
>> and they will need to add a fix, probably resign it.
>>
>>
> I found an old dd image of fc14.
> I mounted it, copied the src rpm to a tmp dir within the
> mounted image, and chrooted to it.
> I was able to use rpm2cpio to convert it to cpio.
> The signature issue probably started in fc15???
F14 never received the security update (rpm-4.9.1.3, F14 was EOL by
then) which makes rpm a lot pickier about the exact package header
layout. A known higher profile case is Mono-packages from a Novell
repository failing the same way, at least in those cases there's
unexpected alignment in the signature header which causes the internal
sanity checks on header size to fail.
It'd be interesting to know what version of rpm was used the build and
sign the package exhibiting this issue.
- Panu -
More information about the users
mailing list