rpm --nosignature reversed meaning
Tomasz Pala
gotar at polanet.pl
Tue Aug 30 12:32:46 CEST 2016
On Tue, Aug 30, 2016 at 06:01:35 -0400, Jeffrey Johnson wrote:
> Um, please stop guessing at the cause.
Well, that is the actual content of PLD-3.0-Th-GPG-key.asc. Signatures
match:
pub 1024D/E4F1BC2D 2008-02-13
uid DSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>
pub 1024R/EAE6F8B8 2008-02-13
uid RSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>
so I see no other cause than some implementation bug. Since standalone DSA works fine:
~: btrfs sub snap / testgpg
~: systemd-nspawn -D testgpg
~: rpm -e gpg-pubkey
~: wget http://ha.pool.sks-keyservers.net/pks/lookup?op=hget&search=5B9E545012899D925DE92F364995E354
[remove HTML parts]
~: rpm --import lookup\?op\=hget\&search\=5B9E545012899D925DE92F364995E354
~: rpm -qi gpg-pubkey
Summary : gpg(DSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>)
~: rpm -qp --nosignature keepassx-2.0.2-2.x86_64.rpm
D: PUB: AF3F93BC E4F1BC2D V4 DSA
D: SIG: AF3F93BC E4F1BC2D V4 DSA-SHA1 POSITIVE
D: UID: DSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>
D: ========== DSA pubkey id af3f93bc e4f1bc2d (h#969[0])
D: keepassx-2.0.2-2.x86_64.rpm: Header V4 DSA signature: OK, key ID e4f1bc2d
that leaves us with some RSA part (secondary pubkey!) interference.
> The lines displayed before are pubkey certification signatures, not package signatures.
Let me guess for the last time: if handled properly,
rpm --import PLD-3.0-Th-GPG-key.asc
should result in 2 gpg-pubkeys in rpm database. There is one, not working.
--
Tomasz Pala <gotar at pld-linux.org>
More information about the pld-devel-en
mailing list