%{_hkp_keyserver} in rpm

Jeffrey Johnson n3npq at me.com
Thu Jun 4 14:43:29 CEST 2015


> On Jun 4, 2015, at 6:56 AM, Kacper Kornet <draenog at pld-linux.org> wrote:
> 
> On Thu, Jun 04, 2015 at 12:46:00PM +0300, Elan Ruusamäe wrote:
>> On 04.06.2015 12:19, Kacper Kornet wrote:
>>> And the original slow command was:
> 
>>> rpm -qp --nodigest --nosignature --qf %{R} google-chrome-stable-43.0.2357.81-1.x86_64.rpm
> 
>>> called during building google-chrome
>> as i have not encountered this in normal poldek/rpm usage.
> 
>> perhaps because i use pld packages only and i have pld key imported?
> 
> And does it work for you? I think I have the PLD key imported and:

Do you have the key imported or not? Use “rpm -q gpg-pubkey” and look
for the pubkey in the version …

> 
> $ rpm -Kp git-core-2.4.0-1.x86_64.rpm
> git-core-2.4.0-1.x86_64.rpm: (SHA1) DSA sha1 md5 NOT_OK
> 
> I think most users have been saved by bug in rpm in interpretation of switch
> --nosignature. It is interpereted correctly only for modes -K and -V. 

Not a bug, entirely by intent. tpm is headed for MANDATORY signature
checking for more than a decade now and removal of —nosignature/—nodigest
(and other) disablers.

> For all other modes it default is not to check signature and option 
> --nosignature actually switches it on. Like:
> 
> $ time rpm -qp  --qf '%{name} %{vendor}\n' git-core-2.4.0-1.x86_64.rpm
> git-core pld
> rpm -qp --qf '%{name} %{vendor}\n' git-core-2.4.0-1.x86_64.rpm  0.05s user 0.00s system 92% cpu 0.058 total 
> 
> $ time rpm -qp --nosignature --qf '%{name} %{vendor}\n'
> git-core-2.4.0-1.x86_64.rpm
> 
> time rpm -qp --nosignature --qf '%{name} %{vendor}\n'
> git-core-2.4.0-1.x86_64.rpm                          
> error: git-core-2.4.0-1.x86_64.rpm: Header V4 DSA signature: BAD, key ID
> e4f1bc2d
> error: reading git-core-2.4.0-1.x86_64.rpm manifest, non-printable
> characters found
> rpm -qp --nosignature --qf '%{name} %{vendor}\n'
> git-core-2.4.0-1.x86_64.rpm  0.06s user 0.00s system 0% cpu 2:07.39 total
> 
> And the same for rpm -U …

Do you have the pubkey imported or not?

73 de Jeff

> -- 
>  Kacper
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en



More information about the pld-devel-en mailing list