Bug 25895

Summary: installation of mageia 7.1: Payload SHA256 digest: BAD
Product: Mageia Reporter: Elmar Stellnberger <estellnb>
Component: InstallerAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact:
Severity: minor    
Priority: Normal CC: lewyssmith
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description Elmar Stellnberger 2019-12-19 12:12:17 CET 
I always get the following error message trying to install Mageia 7.1:
38 install actions have failed
installation of packages has failed:
package nss-2:3.47.1-1.mga7.x86_64 does not verify: Payload SHA256 digest BAD (Expected 55c1.. != cb53...)
libsoup ....
libgstbase ...
...

  It then just says installation failed without any possibility to retry the download. I have tried it with different mirrors. As the NSA is terrorizing me recently (They rootkit my installations and tamper the BIOSes of my machines) it would possibly be necessary to download via tor. Nonetheless I have the possibility to install offline and then activate online repositories with hindsight; this is what I wanna do now.
Comment 1 Lewis Smith 2019-12-19 20:01:46 CET 
You do not say how you were trying to install Mageia 7.1.

Is it always the package nss which gives the error? Normally such things are due simply to a corrupt download or mirror, but you say you have tried several, so these possibilities are unlikely.

May I suggest that you download one of the ISOs, whose checksum can - should be - be verified. That way your starting point should be correct.
> I have the possibility to install offline and then activate online
> repositories with hindsight; this is what I wanna do now.
Same idea. There will be a *lot* of post-install updates. I prefer myself to boot the installed system and then update it; doing a lot of updates during installation makes it more difficult to pin down initial problems on re-booting.
I seem to recall that the Live ISOs do defer updating until re-boot anyway.

Please report back so that we can hopefully close this bug.

> As the NSA is terrorizing me recently (They rootkit my installations and
> tamper the BIOSes of my machines)
Sounds serious. Best of luck!

CC: (none) => lewyssmith

Comment 2 Elmar Stellnberger 2019-12-23 11:12:29 CET 
> Sounds serious. Best of luck!
Yes, it truely is.

The installation works on a clean computer. I will close the report now.

Status: NEW => RESOLVED
Resolution: (none) => INVALID

Comment 3 Elmar Stellnberger 2020-01-12 20:42:10 CET 
I will close this bug now since there is an easy workaround. It is likely not worth to do something about it. I just wanted you to know that things are not easy for me (security: you may look at https://www.elstel.org/mainboards/ and https://bugzilla.mozilla.org/show_bug.cgi?id=1606802). I had to wrack two OS installations recently due to NSA terror and the EC firmware of my darp5 seems tampered causing a boot issue. Nonetheless you are welcome to have a look at my newly packaged Mageia packages: see Bug 25928, and Bug 25887.