[ Please reassign to proper component / rpm if not okay ] * This concerns an install on a formatted disk, not an upgrade. ls -al /etc/RPM-GPG-KEYS -rw-r--r-- 1 root root 8080 Aug 23 2003 22458a98.asc # Mandriva Security -rw-r--r-- 1 root root 1430 Aug 23 2003 70771ff3.asc # Mandriva Linux -rw-r--r-- 1 root root 1462 Aug 23 2003 9b4a4024.asc # MandrakeSoft $ gpg --list-keys mageia pub 4096R/80420F66 2011-02-07 [expires: 2012-03-13] uid Mageia Packages <packages@mageia.org> pub 4096R/DA10B483 2011-03-08 [expires: 2012-04-11] uid Mageia Release <release@mageia.org> pub 4096R/41BCD9E7 2011-04-18 [expires: 2012-05-22] uid Mageia Software <software@mageia.org> $ rpm -qa |grep pubk gpg-pubkey-80420f66-4d4fe123
CC: (none) => dmorganecSource RPM: drakx-installer-stage2-13.58-2.mga1 => gnupg
in the gnupg rpm this is in SOURCES/mdk-keys.tar.bz2 which should be changed.
The following snippet should do the trick to regenerate the keys : for i in 41BCD9E7 DA10B483 80420F66; do gpg --recv $i ; gpg -a -o $i.asc --export $i ;done; I guess this warrant a update
CC: (none) => misc
On the other hand, do we need to keep the directory ? What is it used for, with current rpm ?
Status: NEW => ASSIGNED
In my idea Michael's snippet may not do the trick: last time I tried a gnupg key with exteral signatures did not import into rpm. After all, rpm may not even use the said keys from /etc, but IMHO they are supposed to be rpm-workable keys. Gnupg can strip everything external, or surely at Mageia there is a clean set of keys saved somewhere. But my attempts at importing keys into rpm date from 6 to 8 years ago, so what I say may no longer be true.
If one want's to clean the key with gnupg: gpg --edit-key <keyid> followed by minimize, quit and --export...
sorry, i need to give a keyserver, which one can i give ? gpg: no keyserver known (use option --keyserver) gpg: keyserver receive failed: bad URI
Normally in ~/.gnupg/gpg.conf, but this should always work: --keyserver hkp://pgp.mit.edu:11371
The 'pubkey' file - if need be with added extension '.asc' - in the media_info directory of each repository is equal in content to the clean rpm-gpg-keys.
e.g. mv pubkey pubkey.asc gpg --import pubkey.asc and observe stdout !
Component: Installer => RPM Packages
Bug assigned to the package maintainer.
Assignee: bugsquad => boklm
@boklm @dmorgan: Kindly review. IMHO this should be a release blocker for Mga2. Thanks!
tracked at https://bugs.launchpad.net/rpm/+bug/913222
CC: (none) => n3npq
Hi, This bug was filed against cauldron, but we do not have cauldron at the moment. Please report whether this bug is still valid for Mageia 2. Thanks :) Cheers, marja
Keywords: (none) => NEEDINFO
Still valid for 2 and Cauldron.
Keywords: NEEDINFO => (none)CC: (none) => sander.lepikWhiteboard: (none) => MGA2TOO
.
Status: ASSIGNED => NEWAssignee: boklm => bugsquad
Still valid for beta3. Isn't is about time this was solved? It looks really bad on Mageia if we cannot fix this before final release !
Whiteboard: MGA2TOO => 3beta3
CC: (none) => cooker
Valid for 3RC. Almost 2 years old
Summary: /etc/RPM-GPG-KEYS are not Mageia's => /etc/RPM-GPG-KEYS are not Mageia's but belong in Mandriva onlyWhiteboard: 3beta3 => 3RC
Valid for prerelease isos of Mageia 3 final
Whiteboard: 3RC => 3final
CC: (none) => thierry.vignaud, tmb
Package updated in svn to remove /etc/RPM-GPG-KEYS.
CC: (none) => boklm
And submitted to Mageia 3 by ennael.
Status: NEW => RESOLVEDResolution: (none) => FIXED
Nicolas: thanks for the fix. But for good order's sake: did you ascertain that the absence of the directory has no negative effects for anything like rpm building or other?
I couldn't find anything using that directory. And since the directory had wrong keys since the begining of Mageia, we should have noticed if it broke something important.
'like the way u think.
CC: boklm => (none)