up2date starts it's update process, but fails and then stops the update process when trying to update this file. Here is the log output for the system.
--------------------- up2date Begin ------------------------
**Unmatched Entries**
solving dep for: ['perl(Archive::Tar)', 'base-fonts']
solving dep for: ['base-fonts']
solving dep for: ['base-fonts']
Package perl-Archive-Tar-1.30-1.el4.rf has a unknown GPG signature.
Updating package profile
---------------------- up2date End -------------------------
And here is the log output from up2date.
perl-Archive-Tar-1.30-1.el4 Retrieved.
warning: rpmts_HdrFromFdno: V3 DSA signature: NOKEY, key ID 6b8d79e6
The package perl-Archive-Tar-1.30-1.el4.rf is signed, but with an unknown GPG key. Aborting...
Package perl-Archive-Tar-1.30-1.el4.rf has a unknown GPG signature.
Aborting...
Now I do get an error from rkhunter as well, possibly related?
Warning: Application 'gpg', version '1.2.6', is out of date, and possibly a security risk.
And occasionally CLAM gives me an error about being able to read compressed files stating the program is not installed (to decompress).
Any suggestions?
Full Version: up2date unknown GPG signature
If the rpm package you are downloading is not signed... this will happen.
To resolve it just use (double check the syntax) "up2date --download perl-Archive-Tar". That should save the rpm to (i believe) /var/cache/up2date/. cd into the directory and install the RPM manually using "rpm --nosignature -i perl-Archive-Tar".
To resolve it just use (double check the syntax) "up2date --download perl-Archive-Tar". That should save the rpm to (i believe) /var/cache/up2date/. cd into the directory and install the RPM manually using "rpm --nosignature -i perl-Archive-Tar".
Got the abort still right after download....what would be the switch to ignore signature?
Also under RHEL4 it goes to /var/spool/up2date (just FYI for a anyone else reading this post)
Also under RHEL4 it goes to /var/spool/up2date (just FYI for a anyone else reading this post)
QUOTE (DragonSmoke @ Dec 14 2007, 01:35 AM) 
Got the abort still right after download....what would be the switch to ignore signature?
Also under RHEL4 it goes to /var/spool/up2date (just FYI for a anyone else reading this post)
Also under RHEL4 it goes to /var/spool/up2date (just FYI for a anyone else reading this post)
Off the top of my head, I don't think there is a flag for up2date to ignore signature. This is why I suggested earlier to use the up2date to download the rpm. Then to install it using rpm, since rpm has --nosignature.
Another idea would be to change your up2date configuration to skip the gpg signature check. Then once your done, you can change it back.
To do this:
"up2date --nox --configure"
change the line that says useGPG to no.
EDIT:
Better yet... just do this...
root@server [~]# rpm -q perl-Archive-Tar
package perl-Archive-Tar is not installed
root@server [~]# wget ftp://ftp.pbone.net/mirror/dag.wieers.com...4.rf.noarch.rpm
--04:56:35-- ftp://ftp.pbone.net/mirror/dag.wieers.com...4.rf.noarch.rpm
=> `perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm'
Resolving ftp.pbone.net... 85.14.85.4
Connecting to ftp.pbone.net|85.14.85.4|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD /mirror/dag.wieers.com/packages/perl-Archive-Tar ... done.
==> PASV ... done. ==> RETR perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm ... done.
Length: 47,333 (46K) (unauthoritative)
100%[===============================================================================
================>] 47,333 69.07K/s
04:56:38 (68.85 KB/s) - `perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm' saved [47333]
root@server [~]# rpm -i perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm
warning: perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm: V3 DSA signature: NOKEY, key ID 6b8d79e6
root@server [~]# rpm -q perl-Archive-Tar
perl-Archive-Tar-1.30-1.el4.rf
root@server [~]#
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.