rpm --nosignature reversed meaning
Tomasz Pala
gotar at polanet.pl
Tue Aug 30 12:57:53 CEST 2016
On Tue, Aug 30, 2016 at 05:56:43 -0400, Jeffrey Johnson wrote:
> The 2 line snippet is DNS to port 53 ??? disabling hkp:// is an entirely different
> functionality than disabling signature verification.
I didn't want to disable it (on contrary, I need them to be
unconditional), just to make them local.
>> ~: rpm -qp --nosignature keepassx-2.0.2-2.x86_64.rpm (reversed meaning in query mode bug)
>> error: keepassx-2.0.2-2.x86_64.rpm: Header V4 DSA signature: BAD, key ID e4f1bc2d
>> error: reading keepassx-2.0.2-2.x86_64.rpm manifest, non-printable characters found
>>
>
> Um, I believe I???ve used that pubkey ??? see if there isn???t a report from
> spring 2015 on pld-devel ??? the issue was that the RSA fingerprint was
> fixed and so that pubkey had to be reimported. I???ve forgotten ???
>
> What version of rpm is this?
rpm-5.4.15-35.x86_64 - this is completely fresh system, commands run for
the first time, so no keys imported before, no leftovers.
>> ~: diff PLD-3.0-Th-GPG-key.asc /etc/pki/rpm-gpg/PLD-3.0-Th-GPG-key.asc
>
> Try removing and reimporting.
Doesn't work until I manually split this into RSA and DSA.
>> (BTW this key is not automatically imported to rpm database).
>
> No pubkey is automatically imported by RPM, particularly those retrieved from hkp://
> or externally generated signatures.
It would be nice to have some tool to import from hkp:// directly. I did
lynx/wget/vi magic to fetch them, how to do this straight from cmdline?
> Anyways if you give me a URL to the pubkey and a package signed with that pubkey, I???ll
> (again) sort out the details.
I'm using
ftp://ftp.th.pld-linux.org/dists/th/PLD-3.0-Th-GPG-key.asc
ftp://ftp.th.pld-linux.org/dists/th/PLD/x86_64/RPMS/keepassx-2.0.2-2.x86_64.rpm
--
Tomasz Pala <gotar at pld-linux.org>
More information about the pld-devel-en
mailing list