[WBEL-users] Getting up2date to install locally signed RPMs
William Hooper
whooperhsd2@earthlink.net
Fri, 14 May 2004 10:48:10 -0400 (EDT)
Jesse said:
> On Fri, 14 May 2004, William Hooper wrote:
>
>> > What do I need to do to get up2date to install and update RPMs that
>> we've
>> > signed with our in-house RPM GPG key?
>
>> What does:
>> rpm -K package_file_name.rpm
>> give you?
>
> rpm -K gives:
> boa-0.94.14-0.rc17.1.fr.i386.rpm: (sha1) dsa sha1 md5 gpg OK
> rpm -vK gives:
> Header V3 DSA signature: OK, key ID 75dcef79
> Header SHA1 digest: OK (9e6999295f0b727b7c20054548a3b02292f4f2a3)
> MD5 digest: OK (a057d514b0bb90179baffbe146a6b396)
> V3 DSA signature: OK, key ID 75dcef79
Hmm... I was under (I guess the mistaken) impression that if RPM was
happy, up2date would be happy.
> rpm -qi gpg-pubkey-75dcef79 returns information on my installed GPG key.
>
> I resigned the package with the command:
> rpm --resign boa-0.94.14-0.rc17.1.fr.i386.rpm
Since bugzilla is down, I wonder if the issue is resigning? Maybe try
rebuilding the src.rpm and signing it in that process?
Did yum work properly after you added the "gpgcheck" option?
--
William Hooper